Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <CAAyV7nGJkK8mUvtL_Wcti-ZyE+HMQ-9ygGwHyDgUXJeaSQ=pZQ@mail.gmail.com>
Date: Tue, 28 Aug 2012 11:33:49 -0400
From: Anthony Ferrara <ircmaxell@...il.com>
To: crypt-dev@...ts.openwall.com
Subject: Re: Simplified PHP Password Hashing

Alex

> I've recently been working on an RFC to add a simplified PHP password
> > hashing API to PHP's core. I was hoping for some feedback, and a code
> > review of the implementation.
> >
> > https://wiki.php.net/rfc/password_hash
> >
> >
> https://github.com/ircmaxell/php-src/blob/hash_password/ext/standard/password.c
> >
> > It's still a work in progress, but I wanted to reach out for input and
> > review prior to moving too far forward.
>
> Thanks.  I've just provided a relevant reply here:
>
> http://news.php.net/php.internals/60977
>
> Unfortunately, I don't expect to have much time for this during the
> summer.  If you're not in much of a hurry to include this in PHP, then
> I'd be happy to review and discuss it with you later.
>

Would now be a better time for some feedback? I'd like to propose this soon
(so it doesn't drop completely off the radar)...

I did post this to security.stackexchange:
http://security.stackexchange.com/q/16506/1148 and got some good feedback.
The size_t changes are on my list to implement shortly.

Thanks for the help,

Anthony

Content of type "text/html" skipped

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.