>
> So my question here is - how important task is switching crypto backends
> easily? Moreover, what would be the reason for me, as an app developer,
> to target more than one crypto backend? I can see why I may want to
> target mysql and say, SQL server - these two platforms have different
> adva
On Wed, Aug 5, 2015 at 3:40 AM, Bob Weinand wrote:
>
>> Am 3.8.2015 um 22:54 schrieb Scott Arciszewski :
>>
>> Hi,
>>
>> I would like to make it easier for PHP developers to implement
>> cryptography features in their applications. I intend to work on some
>> of these ideas and submit them for inc
On Wed, Aug 5, 2015 at 2:22 AM, Scott Arciszewski wrote:
> This isn't a replacement, they're alternatives. -> means related to in
> this case, not "becomes" :)
>
> Or do you mean to add a parameter to the existing functions to make
> them constant time?
Yes, when it makes sense (for most it may)
On Tue, Aug 4, 2015 at 10:18 PM, Scott Arciszewski wrote:
> On Tue, Aug 4, 2015 at 8:55 PM, Stanislav Malyshev
> wrote:
>> Hi!
>>
>>> The idea here isn't too far removed from what PDO does versus mysql_*,
>>> mssql_*, pgsql_*, etc. except it's probably more critical: Switch
>>> crypto backends w
On Tue, Aug 4, 2015 at 8:55 PM, Stanislav Malyshev wrote:
> Hi!
>
>> The idea here isn't too far removed from what PDO does versus mysql_*,
>> mssql_*, pgsql_*, etc. except it's probably more critical: Switch
>> crypto backends with almost zero refactoring; just change your
>> constructor.
>
> So
Hi!
> The idea here isn't too far removed from what PDO does versus mysql_*,
> mssql_*, pgsql_*, etc. except it's probably more critical: Switch
> crypto backends with almost zero refactoring; just change your
> constructor.
So my question here is - how important task is switching crypto backends
Hi!
> of the storage formats. Similar to the headers used by TLS and other
> formats. That way anyone can build to the specification, which would
> be maintained along side the implementation.
I'm not a big fan of the idea that to talk to the PHP script, I will
have now to have yet another set of
Hi!
> We're still discussing the DSN string for the constructor. These are
> what the options look like, currently:
I think it's better to separate the arguments. I understand why PDO
makes such strings - there can be all kinds of options, and it's hard to
configure - i.e. in ini files - if it's
Hi Christoph,
> -Original Message-
> From: Christoph Becker [mailto:cmbecke...@gmx.de]
> Sent: Tuesday, August 4, 2015 7:40 PM
> To: Anatol Belski ; 'Christoph Becker'
> ; 'Pierre Joye'
> Cc: 'PHP internals'
> Subject: Re: [PHP-DEV] PCRE JIT stack size limit
>
> On 04.08.2015 at 16:33,
> Am 3.8.2015 um 22:54 schrieb Scott Arciszewski :
>
> Hi,
>
> I would like to make it easier for PHP developers to implement
> cryptography features in their applications. I intend to work on some
> of these ideas and submit them for inclusion in PHP 7.1.
>
> Some of these might be familiar to
> Am 04.08.2015 um 19:47 schrieb Stephen Coakley :
>
>> [...]
>
> My thought is that no, a number of people don't know what a mailing list is
> (obviously no one in here already), but everyone knows what a forum is. The
> web is everywhere and is taking over the world, whereas mailing lists a
> On Aug 4, 2015, at 12:12 PM, Lester Caine wrote:
>
>> On 04/08/15 17:12, Terry Cullen wrote:
>> Redmine would be a good option. http://www.redmine.org/
>>
>> The feature list has most everything covered in this thread.
>> http://www.redmine.org/projects/redmine/wiki/Features
>
> Feature lis
On Tue, Aug 4, 2015 at 11:50 AM, Pierre Joye wrote:
> On Tue, Aug 4, 2015 at 3:54 AM, Scott Arciszewski wrote:
>> Hi,
>>
>> I would like to make it easier for PHP developers to implement
>> cryptography features in their applications. I intend to work on some
>> of these ideas and submit them for
On 04/08/15 17:12, Terry Cullen wrote:
> Redmine would be a good option. http://www.redmine.org/
>
> The feature list has most everything covered in this thread.
> http://www.redmine.org/projects/redmine/wiki/Features
Feature list is nice, but is PHP really unable to provide a similar service?
On 04.08.2015 at 19:30, Stephen Coakley wrote:
> On 08/04/2015 11:36 AM, Ferenc Kovacs wrote:
>
>> maybe it just me, but it seems to me, that every time this idea is
>> brought
>> up, not many people from the actual participants of the list speak up,
>> but
>> bunch of people who never before sent
On 08/04/2015 12:28 PM, Florian Anderiasch wrote:
On 08/03/2015 12:22 AM, Stephen Coakley wrote:
Personally, I'd like to see the mailing list move to a forum-type
system. Lower barrier of entry, more visible archives, and more modern
medium that supports other kinds of attachments and whatnot.
On 04.08.2015 at 16:33, Anatol Belski wrote:
>> -Original Message-
>> From: Christoph Becker [mailto:cmbecke...@gmx.de]
>> Sent: Tuesday, August 4, 2015 1:16 PM
>> To: Anatol Belski ; 'Christoph Becker'
>> ; 'Pierre Joye'
>> Cc: 'PHP internals'
>> Subject: Re: [PHP-DEV] PCRE JIT stack si
On 08/04/2015 11:36 AM, Ferenc Kovacs wrote:
On Tue, Aug 4, 2015 at 6:12 PM, Terry Cullen wrote:
On Tuesday, 4 August 2015, Johannes Schlüter
wrote:
On Sun, 2015-08-02 at 17:15 -0500, Stephen Coakley wrote:
You have to admit, NNTP news is an aging technology, with fewer and
fewer readers a
On Tue, Aug 4, 2015 at 7:18 PM, Scott Arciszewski
wrote:
> On Tue, Aug 4, 2015 at 12:36 PM, Ferenc Kovacs wrote:
> > On Tue, Aug 4, 2015 at 6:12 PM, Terry Cullen wrote:
> >
> >> On Tuesday, 4 August 2015, Johannes Schlüter
> >> wrote:
> >>
> >> > On Sun, 2015-08-02 at 17:15 -0500, Stephen Coak
On 08/03/2015 12:22 AM, Stephen Coakley wrote:
> Personally, I'd like to see the mailing list move to a forum-type
> system. Lower barrier of entry, more visible archives, and more modern
> medium that supports other kinds of attachments and whatnot.
>
I don't buy the "lower barrier of entry" ar
On Tue, Aug 4, 2015 at 12:36 PM, Ferenc Kovacs wrote:
> On Tue, Aug 4, 2015 at 6:12 PM, Terry Cullen wrote:
>
>> On Tuesday, 4 August 2015, Johannes Schlüter
>> wrote:
>>
>> > On Sun, 2015-08-02 at 17:15 -0500, Stephen Coakley wrote:
>> > > You have to admit, NNTP news is an aging technology, wi
On Tue, Aug 4, 2015 at 6:12 PM, Terry Cullen wrote:
> On Tuesday, 4 August 2015, Johannes Schlüter
> wrote:
>
> > On Sun, 2015-08-02 at 17:15 -0500, Stephen Coakley wrote:
> > > You have to admit, NNTP news is an aging technology, with fewer and
> > > fewer readers available as time goes on. Now
On Tuesday, 4 August 2015, Johannes Schlüter wrote:
> On Sun, 2015-08-02 at 17:15 -0500, Stephen Coakley wrote:
> > You have to admit, NNTP news is an aging technology, with fewer and
> > fewer readers available as time goes on. Nowadays (for graphical
> > clients), there's Pan, and Thunderbird,
On Tue, Aug 4, 2015 at 2:23 PM, Stanislav Malyshev wrote:
>> * Adding streaming encryption/decryption support to OpenSSL
>
> Hm... Implementing streaming cyphers right is not trivial, and if we'd
> be doing our own crypto (as opposed to providing API to existing
> libraries) we need a real lot of
On Tue, Aug 4, 2015 at 3:54 AM, Scott Arciszewski wrote:
> Hi,
>
> I would like to make it easier for PHP developers to implement
> cryptography features in their applications. I intend to work on some
> of these ideas and submit them for inclusion in PHP 7.1.
Awesome and long due work :)
> Some
On Tue, Aug 4, 2015 at 2:22 PM, Nicolas Grekas wrote:
> Hello,
>
> I reported this bug one year ago (https://bugs.php.net/67220) and it is
> now
> closed as "not a bug". I'd like this to be reconsidered.
>
> The documentation of realpath() says:
>
> > realpath() expands all symbolic links and re
> -Original Message-
> From: Christoph Becker [mailto:cmbecke...@gmx.de]
> Sent: Tuesday, August 4, 2015 1:16 PM
> To: Anatol Belski ; 'Christoph Becker'
> ; 'Pierre Joye'
> Cc: 'PHP internals'
> Subject: Re: [PHP-DEV] PCRE JIT stack size limit
>
> I didn't mean to store all patterns in
Hi Anthony,
Am 04.08.2015 um 15:25 schrieb Anthony Ferrara:
> Lauri,
>
> On Tue, Aug 4, 2015 at 9:12 AM, Lauri Kenttä wrote:
>> On 2015-08-04 14:54, Scott Arciszewski wrote:
>>>
>>> we do not allow secure modes
>>
>> I hope that was a typo... ;)
>
> Indeed, it was not.
>
> If you want to build
On Tue, Aug 4, 2015 at 2:13 PM, Scott Arciszewski
wrote:
> On Tue, Aug 4, 2015 at 8:57 AM, Jakub Zelenka wrote:
> > Hi,
> >
> > On Mon, Aug 3, 2015 at 9:54 PM, Scott Arciszewski
> > wrote:
> >>
> >> Hi,
> >>
> >> I would like to make it easier for PHP developers to implement
> >> cryptography f
Lauri,
On Tue, Aug 4, 2015 at 9:12 AM, Lauri Kenttä wrote:
> On 2015-08-04 14:54, Scott Arciszewski wrote:
>>
>> we do not allow secure modes
>
>
> I hope that was a typo... ;)
Indeed, it was not.
The concept for this (I've been working with Scott on it) is that this
should be a high-level abst
On Tue, Aug 4, 2015 at 8:57 AM, Jakub Zelenka wrote:
> Hi,
>
> On Mon, Aug 3, 2015 at 9:54 PM, Scott Arciszewski
> wrote:
>>
>> Hi,
>>
>> I would like to make it easier for PHP developers to implement
>> cryptography features in their applications. I intend to work on some
>> of these ideas and s
On 2015-08-04 14:54, Scott Arciszewski wrote:
we do not allow secure modes
I hope that was a typo... ;)
On 2015-08-04 14:54, Scott Arciszewski wrote:
Version and configuration information (not what is passed, but what is
used) will be stored in the first few bytes of ciphertext output.
Will
Hi,
On Mon, Aug 3, 2015 at 9:54 PM, Scott Arciszewski
wrote:
> Hi,
>
> I would like to make it easier for PHP developers to implement
> cryptography features in their applications. I intend to work on some
> of these ideas and submit them for inclusion in PHP 7.1.
>
> Some of these might be fami
>
> >> Hi Peter,
> >>
> >> It's not really a "made-up string format", in the sense that it has a
> >> precedent (PDO).
> >>
> >
> > True, and that format sucks royally. It trips people up.
> >
> > Combining several arguments into one string is bad design. If it was good
> > design, you'd see userla
Hello,
I reported this bug one year ago (https://bugs.php.net/67220) and it is now
closed as "not a bug". I'd like this to be reconsidered.
The documentation of realpath() says:
> realpath() expands all symbolic links and resolves references to '/./',
> '/../' and extra '/' characters in the in
On Tue, Aug 4, 2015 at 8:06 AM, Peter Lind wrote:
> On 4 August 2015 at 13:56, Scott Arciszewski wrote:
>>
>>
>> Hi Peter,
>>
>> It's not really a "made-up string format", in the sense that it has a
>> precedent (PDO).
>>
>
> True, and that format sucks royally. It trips people up.
>
> Combining
On 4 August 2015 at 13:56, Scott Arciszewski wrote:
>
> Hi Peter,
>
> It's not really a "made-up string format", in the sense that it has a
> precedent (PDO).
>
>
True, and that format sucks royally. It trips people up.
Combining several arguments into one string is bad design. If it was good
de
On Tue, Aug 4, 2015 at 4:26 AM, Peter Lind wrote:
> On 4 August 2015 at 10:13, Lauri Kenttä wrote:
>>
>> On 2015-08-03 23:54, Scott Arciszewski wrote:
>>>
>>> $AES = new \PCO\Symmetric('openssl:cipher=AES-128');
>>
>>
>> It would be great if you could just ask for cipher=AES-128 without
>> ex
On Tue, Aug 4, 2015 at 4:13 AM, Lauri Kenttä wrote:
> On 2015-08-03 23:54, Scott Arciszewski wrote:
>>
>> $AES = new \PCO\Symmetric('openssl:cipher=AES-128');
>
>
> It would be great if you could just ask for cipher=AES-128 without
> explicitly specifying the provider (openssl).
>
> --
> Lauri
On Tue, Aug 4, 2015 at 3:23 AM, Stanislav Malyshev wrote:
> Hi!
>
>> 1. Pluggable Cryptography Frontend
>>
>> Work is currently underway for a PHP prototype for this idea
>> originally suggested by ircmaxell, that will basically be like PDO for
>> cryptography. Our current project name, subject to
Hi Anatol,
On 04.08.2015 at 11:24, Anatol Belski wrote:
> Hi Christoph,
>
>> -Original Message-
>> From: Christoph Becker [mailto:cmbecke...@gmx.de]
>> Sent: Tuesday, August 4, 2015 2:35 AM
>> To: Anatol Belski ; 'Christoph Becker'
>> ; 'Pierre Joye'
>> Cc: 'PHP internals'
>> Subject:
Hi Christoph,
> -Original Message-
> From: Christoph Becker [mailto:cmbecke...@gmx.de]
> Sent: Tuesday, August 4, 2015 2:35 AM
> To: Anatol Belski ; 'Christoph Becker'
> ; 'Pierre Joye'
> Cc: 'PHP internals'
> Subject: Re: [PHP-DEV] PCRE JIT stack size limit
>
> On 27.07.2015 at 13:28,
On 4 August 2015 at 10:13, Lauri Kenttä wrote:
> On 2015-08-03 23:54, Scott Arciszewski wrote:
>
>> $AES = new \PCO\Symmetric('openssl:cipher=AES-128');
>>
>
> It would be great if you could just ask for cipher=AES-128 without
> explicitly specifying the provider (openssl).
>
>
Even better wo
On 2015-08-03 23:54, Scott Arciszewski wrote:
$AES = new \PCO\Symmetric('openssl:cipher=AES-128');
It would be great if you could just ask for cipher=AES-128 without
explicitly specifying the provider (openssl).
--
Lauri Kenttä
--
PHP Internals - PHP Runtime Development Mailing List
To
Results for project php-src-nightly, build date 2015-08-04 05:00:00+03:00
commit: e39c525df8de10d69a40177964128dc07ee94c5b
revision_date:2015-08-04 03:37:41+02:00
environment: Haswell-EP
cpu: Intel(R) Xeon(R) CPU E5-2699 v3 @ 2.30GHz 2x18 cores, stepping 2,
LLC 45 MB
Hi!
> 1. Pluggable Cryptography Frontend
>
> Work is currently underway for a PHP prototype for this idea
> originally suggested by ircmaxell, that will basically be like PDO for
> cryptography. Our current project name, subject to change, is PHP
> Crypto Objects (PCO).
It would be nice to see f
46 matches
Mail list logo
