On Tue, 11 Feb 2020 at 09:34, AllenJB <php.li...@allenjb.me.uk> wrote:
> If you want to change the way developers think about hashing when > writing PHP, I would start with the documentation rather than > deprecating functions which are essentially aliases and are highly > likely used all over the place in cases where they do exactly what > people want. > I agree. It isn't wrong to use MD5 or SHA1 in the right situation (or even CRC32). The documentation can tell people when they can use these algorithms, and when they must not think about using them. Mark them in the documentation as "RECOMMENDED DO NOT USE" and guide people away. Peter
