Hi all, Due to a defect in the RFC, vote is reopened for a week. Removed lines are indicated by <del></del>. No additional lines nor modifications other than removed lines for session.use_strict_mode change. Sorry for the confusion!
============ Currently session module uses obsolete MD5 for session ID. With CSPRNG, hashing is redundant and needless. It adds hash module dependency and inefficient (There is no reason to use hash for CSPRNG generated bytes). This proposal cleans up session code by removing hash. https://wiki.php.net/rfc/session-id-without-hashing I set vote requires 2/3 support. Please describe the reason why when you against this RFC. Reasons are important for improvements! Thank you! -- Yasuo Ohgaki yohg...@ohgaki.net -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
