Hello Internals, I would like to propose adding Argon2id to the password_* functions in PHP 7.3.
An RFC[1] has been prepared which covers implementation details, and some common questions & concerns that I have anticipated. This RFC also includes a tested and working implementation[2] to illustrate changes to PHP itself. The biggest question at this time is how we want to handle versioning of the Argon2 reference library. The RFC covers this issue in detail and provides a solution that ensures no BC breakage for existing users. I look forward to hearing your feedback. Thanks. [1] https://wiki.php.net/rfc/argon2_password_hash_enhancements [2]: https://github.com/php/php-src/compare/master... charlesportwoodii:argon2_password_hash_enhancements?expand=1 --- Charles R. Portwood II
