Re: [VOTE] Change crypt() behavior w/o salt

From:	Adam Harvey	Date:	Tue, 22 Oct 2013 17:23:56 +0000
Subject:	Re: [VOTE] Change crypt() behavior w/o salt
References:	1 2 3 4 5 6 7 8	Groups:	php.internals
Request:	Send a blank email to [email protected] to get a copy of this message

On 22 October 2013 10:21, Joe Watkins <[email protected]> wrote:
> On 10/22/2013 06:11 PM, Adam Harvey wrote:
>> "Generating an insecure weak hash as no salt was given: please ensure
>> the salt parameter is specified and uses a strong hash type in order
>> to generate a cryptographically secure hash"
>
> Wonder how well it will translate ??

I tried to use the obvious scary keywords to make it obvious. If you
think the grammar on that version is convoluted, you should have seen
the first draft. :)

> Generating should be Generated, no ??

I like the present tense here — it's what crypt() IS doing, not what
it did. Makes it urgent. That said, I'm not super fussed either way.

Adam


   

Thread (16 messages)

• Yasuo OhgakiTue, 24 Sep 2013 01:41:47 +0000
  • Pierre JoyeTue, 24 Sep 2013 02:47:12 +0000
    • William BartlettTue, 24 Sep 2013 14:13:30 +0000
  • Alexey ZakhlestinTue, 24 Sep 2013 14:22:18 +0000
    • Yasuo OhgakiWed, 25 Sep 2013 04:17:56 +0000
      • Yasuo OhgakiMon, 07 Oct 2013 08:51:13 +0000
        • Yasuo OhgakiTue, 22 Oct 2013 06:10:35 +0000
          • Joe WatkinsTue, 22 Oct 2013 07:23:54 +0000
            • Kingsquare.nl - Robin SpeekenbrinkTue, 22 Oct 2013 07:35:16 +0000
          • Andrea FauldsTue, 22 Oct 2013 09:58:48 +0000
            • Adam HarveyTue, 22 Oct 2013 17:11:00 +0000
              • Joe WatkinsTue, 22 Oct 2013 17:21:08 +0000
                • Adam HarveyTue, 22 Oct 2013 17:23:56 +0000
              • Yasuo OhgakiWed, 23 Oct 2013 00:26:39 +0000
                • Andrea FauldsWed, 23 Oct 2013 00:35:02 +0000
                  • Yasuo OhgakiTue, 29 Oct 2013 08:49:00 +0000