On 10 December 2014 at 18:31, Andrea Faulds <a...@ajf.me> wrote: > > It’s my understanding that ext/mcrypt is quite widely used. Would it not be > possible to update the lib to use OpenSSL or something on the backend, so > existing applications would not need changing? >
Focusing on the "or something". What are our options outside of OpenSSL? We could probably cover all of the features of mcrypt by compiling our own library from a selection of proven public domain or GPL sources if there is nothing that fits the bill exactly. That would give us the flexibility to pick the features we want. I wouldn't object to something a little more current in PHP 7 with an mcrypt polyfill. Crypto is a touchy subject though, so what are our options? -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
