Magento2: Modern Cryptography for Magento (provided by libsodium)
I'd like to propose the adoption of sodium_compat into the next release of Magento, so that everyone can enjoy modern cryptography with misuse-resistant interfaces.
Preconditions
Before sodium_compat can be trusted, it must be audited by a competent third party. See https://github.com/paragonie/sodium_compat/issues/8 for the discussion about this initiative, and this SitePoint article for the answers to the most obvious questions you may have as you're reading this.
(If anyone at Magento Inc. is interested in contributing towards getting sodium_compat audited, please get in touch either publicly at https://github.com/paragonie/sodium_compat/issues/8 or privately at security at paragonie dot com.)
paragonie-scott
All 4 comments
@paragonie-scott thank you for your submission. We recently made some changes to the way we process GitHub submissions to more quickly identify and respond to core code issues. Feature Requests and Improvements should now be submitted to the new Magento 2 Feature Requests and Improvements forum (see details here).
veloraven
on 18 Jan 2017
According to contributor guide, tickets without response for two weeks should be closed.
If this issue still reproducible please feel free to create the new one: format new issue according to the Issue reporting guidelines: with steps to reproduce, actual result and expected result and specify Magento version.
veloraven
on 3 Feb 2017
@veloraven this is ridiculous
theofidry
on 3 Feb 2017
@veloraven Problem: After filling in my idea, it then demands that I log in or create an account. This is a dark pattern; it should require authentication before anyone wastes their time filling out a form.
I don't want to create an account. Feel free to add this there if you want.
paragonie-scott
on 3 Feb 2017
Related issues
salelsol
路
3Comments
andreaskoch
路
3Comments
MauroNigrele
路
3Comments
PascalBrouwers
路
3Comments
spyrule
路
3Comments