2017-04-22 21:14 GMT+02:00 Yasuo Ohgaki <yohg...@ohgaki.net>:

> Hi all,
>
> On Sat, Apr 15, 2017 at 9:17 AM, Yasuo Ohgaki <yohg...@ohgaki.net> wrote:
>
> > My opinions are either based on concrete logic or
> > recommendations based on reliable sources.
> >
> > I improved the hash_hkdf() manual further based on RFC 5869 descriptions.
> > https://gist.github.com/anonymous/ace4fa267f20041676f265fe58c3f1ea
> >
> > Please verify it again.
> >
>
> I would like to finish documentation.
> RFC 5869 clearly states HKDF is a generic key derivation function.
>
> Omitting salt when key does not have enough entropy is obvious
> bad practice or mistake. Even when key has enough entropy, long
> life key (IKM) requires good salt for the best key security. These
> could be understood from the RFC and other basic crypt theory.
>
> I'll commit the doc in a few days if there are no more comments on this.
>

What the... there were multiple concerns regarding the changes already. I'm
hereby expressing another strong -1 on these.

Regards, Niklas

> Andrey, (Or anyone who votes no for the PHP RFC)
>
> Could you show some good example hash_hkdf() usages that justify
> current function signature? I suppose you should have few common and
> good examples.
>
> I cannot think of any common/good example that uses length only or
> length/info only. No good example is shown so far.
>
> Regards,
>
> --
> Yasuo Ohgaki
> yohg...@ohgaki.net
>