rfc:password_registry

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
rfc:password_registry [2018/11/06 16:56]
pollita
rfc:password_registry [2018/12/25 13:07] (current)
cmb This RFC has already been implemented
Line 3: Line 3:
   * Date: 2018-10-15   * Date: 2018-10-15
   * Author: Sara Golemon, pollita@php.net   * Author: Sara Golemon, pollita@php.net
-  * Status: ​Voting+  * Status: ​Implemented (PHP 7.4)
   * First Published at: http://​wiki.php.net/​rfc/​password_registry   * First Published at: http://​wiki.php.net/​rfc/​password_registry
  
Line 63: Line 63:
 ====== Minimizing impact to BC ====== ====== Minimizing impact to BC ======
  
-In order to minimize the impact of the above BC. we could overload the **password_hash()** and **password_needs_rehash()** methods to accept integer values 0, 1, 2, and 3 to function as aliases for DEFAULT, BCRYPT, ARGIN2I, and ARGON2ID, respectively. ​ This is being presented as a separate vote below.+In order to minimize the impact of the above BC. we could overload the **password_hash()** and **password_needs_rehash()** methods to accept integer values 0, 1, 2, and 3 to function as aliases for DEFAULT, BCRYPT, ARGIN2I, and ARGON2ID, respectively.   Using an int would therefore work, but would produce a deprecation warning.  This is being presented as a separate vote below.
  
 ===== Extension Changes ===== ===== Extension Changes =====
Line 78: Line 78:
 Simple 50% +1, make the password hashing system extensible via internal-only registry. Simple 50% +1, make the password hashing system extensible via internal-only registry.
  
-<doodle title="​Make the password hashing system extensible via internal-only registry?"​ auth="​pollita"​ voteType="​single"​ closed="​false">+<doodle title="​Make the password hashing system extensible via internal-only registry?"​ auth="​pollita"​ voteType="​single"​ closed="​true">
    * Yes    * Yes
    * No    * No
Line 86: Line 86:
 Should the above poll pass, the following 50%+1 question asks if we should additionally provide the overloaded behavior described above in "​minimizing impact to BC". Should the above poll pass, the following 50%+1 question asks if we should additionally provide the overloaded behavior described above in "​minimizing impact to BC".
  
-<doodle title="​Support integer constants 0-3 to password_hash() et. al. for BC" auth="​pollita"​ voteType="​single"​ closed="​false">+<doodle title="​Support integer constants 0-3 to password_hash() et. al. for BC" auth="​pollita"​ voteType="​single"​ closed="​true">
    * Yes    * Yes
    * No    * No
Line 102: Line 102:
   * https://​github.com/​php/​php-src/​pull/​3609   * https://​github.com/​php/​php-src/​pull/​3609
  
 +===== Implementation =====
 +
 +  - Implementation:​ <​http://​git.php.net/?​p=php-src.git;​a=commit;​h=534df87c9e3c28001986e70844e0ad04e5708d3d>​
 +  - Documentation:​ to be done.
  
rfc/password_registry.1541523410.txt.gz · Last modified: 2018/11/06 16:56 by pollita