On Mon, May 07, 2007 at 06:37:29PM -0700, Sara Golemon wrote: > Ditto Richard's comments about false-implications of security, but I'd > also like to add that *IF* folks decide on the whole that this is > worth adding, it should be done more generically than a setting for > md5 and a setting for sha1.
I appreciate your suggestion. > If someone (for some reason) has ext/hash disabled (it's > enabled-by-default since 5.1.2), then they just won't get a hash. Or, we could resort to ext/standard/{md5|sha1} to make these two hashes always available, like the Session extension does. But this double strategy would complicate the code in rfc1867.c and yield very marginal gain. If there's enough interest in this, I will rework the patch according to Sara's hint. Cheers, David -- David Santinoli Tieffe Sistemi S.r.l. viale Piceno 21, Milano www.tieffesistemi.com tel. +39 02 45490882 -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php