[TYPO3-v4] Request for comments: Separating password transmission from password comparison

[Dmitry Dulepov]

Hi!

Andreas Wolf wrote:
> YMMD. If you need a good example for unreliable APIs in the Enterprise
> CMS world, Drupal is your friend. Who broke half (or more) of their
> modules with the last major release? Who integrates new features after
> features freeze [1]?

Actually, clients do not care. One big former client told me, they go for 
Drupal, because TYPO3 is unstable and every release breaks something since 
4.2. Compared to a single Drupal break – Drupal wins.

> I know that client's view on these problems might be a different one,
> but please stay realistic. The whole authentication API seems to be
> not well documented to me, so many people hacked their way around to
> "get it working". If we now decide to change things to be more
> consistent and logical - and document them properly -, I don't see a
> reason to vote against this just because "it has always been this way".

It is always possible to make it right and compatible. But I do not object 
any more. In fact, I just removed my -2 and I will not make a single 
negative feedback to anything from now on. Let it be.

-- 
Dmitry Dulepov
TYPO3 core team member
Blog: http://dmitry-dulepov.com/
Twitter: http://twitter.com/dmitryd

Simplicity will save the world.