HI Scott, On Thu, Jan 7, 2016 at 8:26 PM, Scott Arciszewski <sc...@paragonie.com> wrote: > Hi everyone, > > I've updated the RFC to make libsodium a core PHP extension in 7.1, to > include references to the online documentation. > > https://wiki.php.net/rfc/libsodium > > All new functions and classes would exist in the Sodium namespace. e.g. > > $ciphertext = \Sodium\crypto_box($message, $nonce, $keypair);
As much as I like libsodium, yet another extension with yet another library in the core sounds like a risk to me, long term. I would rather prefer to focus on a larger effort to provide the necessary features in the most easiest way using new APIs or existing extensions, as you mentioned already in previous discussions and in this mail. That's why I won't be in favor of bundling this one. > This is part of an overall effort to improve PHP's cryptography; up > next will be the pluggable crypto API that supports multiple backends > (with a scope limited to openssl and libsodium at the time of release) > but always provide conservative defaults. Then I'd like to look at > deprecating ext/mcrypt back to PECL and add more hash functions to > ext/hash. This is definitely the way. Thanks for your great work :) Cheers, Pierre -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
