https://bugzilla.wikimedia.org/show_bug.cgi?id=28419
--- Comment #57 from Tyler Romeo <tylerro...@gmail.com> 2012-07-20 13:38:47 UTC --- Where the hell did everybody on MW learn the definition of clean and consistent? Think about what you're saying. Given two hashes that take the exact same options and exact same passwords, it's somehow "consistent" for it to spit out different hashes each time? That does not make any sense, nor can I think of any semantic reason that this would occur. A password hash is just a set of options and then a hash produced from the combination of the password, those options, and a hashing algorithm. Even the native PHP password hashing API, which is being implemented for PHP 5.5, the equality of crypt() and compare() holds true (they actually do exactly what I am proposing and just call crypt() and then compare the hashes). Yet for some reason MW needs an interface that supports not only any format hash ever created or even thought of, but it also has to support hashing algorithms that just decide to randomly change their formatting at will. And if your goal is to keep implementation and usage intuitive, then you've done a perfect job of throwing both out the window, because the code posted above is probably the most confusing password hashing system I have ever seen. At this point I'm can't even be sure that this is serious and I'm not just being trolled out of my mind. -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug. _______________________________________________ Wikibugs-l mailing list Wikibugs-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
