[TYPO3-core] RFC #9852: Feature: Provide a random byte generator in TYPO3 Core
Dmitry Dulepov
dmitry.dulepov at gmail.com
Sat Nov 29 10:37:24 CET 2008
Hi!
Xavier Perseguers wrote:
> Then I suggest you post a RFC for patching the OpenID sysext. But please
> write your thought on how you calculated the entropy for both methods.
> Not all of us are very confortable with entropy calculation out of a
> block of code but I guess many more will be able to understand why your
> code is more secure out of a few mathematical operations.
That code is in the 3rd party library. We should avoid patching that
as much as we can because it complicates upgrades. But if it is
changes, it must be clearly marked (license requirement) and patch
file in the sysext must be updated accordingly.
--
Dmitry Dulepov
TYPO3 translations support
My TYPO3 book: http://www.packtpub.com/typo3-extension-development/book
In the blog:
http://typo3bloke.net/post-details/typo3_43_cache_and_memcached_fix_ready/
More information about the TYPO3-team-core
mailing list