On 11 January 2016 at 09:12, Rouven Weßling <m...@rouvenwessling.de> wrote:
> > > On 11 Jan 2016, at 07:57, Scott Arciszewski <sc...@paragonie.com> wrote: > > > > Does adding Argon2 as a possible choice for password_hash() + > > password_verify() need an RFC? Or can I just submit a pull request? > > The original RFC (https://wiki.php.net/rfc/password_hash) contained the > following text: > > > I'd propose the following policy for updating the default hashing > algorithm in future releases of PHP. > > > > * Any new algorithm must be in core for at least 1 full release of PHP > prior to becoming default. So if scrypt is added in 5.5.5, it wouldn't be > eligible for default until 5.7 (since 5.6 would be the full release). But > if jcrypt (making it up) was added in 5.6.0, it would also be eligible for > default at 5.7.0. > > * The default should only change on a full release (5.6.0, 6.0.0, etc) > and not on a revision release. The only exception to this is in an > emergency when a critical security flaw is found in the current default. > > * For a normal (non-emergency) change in default, an RFC shall be issued > for the update of the default algorithm, following normal RFC rules. > > So technically I don’t think it would be necessary to have an RFC to add > another algorithm, though I think it might be nice as this is certainly a > place where things shouldn’t be changed willy nilly. > > > It won't be changing the default in 7.1, and IIRC this sort of change > > was already agreed upon as part of the original password_hash() RFC. > > I’m not really qualified to discuss the merits of the algorithm but a > couple of questions: > > * Is there already a crypt scheme for Argon2? Or are there any efforts to > define one? It would good if PHP wouldn’t be an island. > * Back in July, when it won the PHC, it wasn’t deemed production ready as > they wanted to make a few tweaks. Is that completed? > * Are you proposing to use Argon2d or Argon2i? > > Lastly, I think it would be a good start to implement Argon2 in ext-hash. > > Best regards > Rouven > -- > PHP Internals - PHP Runtime Development Mailing List > To unsubscribe, visit: http://www.php.net/unsub.php > > I was considering the same for adding scrypt; however there (isn't|wasn't|I couldn't find) a crypt scheme for it and having a custom algorithm identifier for php seemed like a bad idea. ~C
