On Wed, Jul 24, 2024 at 3:03 PM Morgan <weedpac...@varteg.nz> wrote:
> And they would still be available as hash("md5") and hash("sha1"); the
> only reason they're called out as their own distinct functions today is
> historical inertia.
>
Yes, I am aware of that, it's covered in the RFC and has been discussed.
My issue is that I think the positive effect this will have is minimal,
while the impact is very extensive. I also disagree with the notion that
there is no longer a use for these algos in the present day, as there are
many technologies and systems that still use these for basic checksumming.
To make everyone go through and update these seems ridiculous to me, as
it's basically just **renaming functions**. If it goes through, I
foresee a composer package called md5-sha1-shim being a popular package.
It won't stop the people this intends to save.
Lots of effect with little gain. The warning in the documentation should
be sufficient.
Thanks,
Peter
