Add recommendations for best practices to documentation #79
Comments
|
I'm trying to set up a separate module that uses the Defuse PHP Encryption library for Encrypt. I'm a bit confused as to which would be the recommended version of the library to use. |
|
Right, 2.0 is still being developed, so 1.2.1 is the one to recommend at this point. And yes, it uses 128-bit keys. Real AES was written before 2.x existed, so it does not specify a version. I will look into that and submit a patch to Real AES to make sure it's ready when 2.x is. |
|
From glancing at the code and used namespaces, I thought Real AES did use the 2.x version. Should be double-checked though. @nerdstein and me are looking into integrating the Defuse library for D8 Encrypt now - see https://www.drupal.org/sandbox/nerdstein/2669882 |
|
OK, so you're planning to have a new module that uses the Defuse library, instead of upgrading Real AES? There's an issue to do the latter; we should try to get that closed, if we'll be providing a D8 alternative. I would prefer not to have multiple modules that employ the library. |
|
Yes probably it would be better to keep things centralised, but I was just trying to get some working code in a (sandbox) repo, without having to go to the patch posting process. We can try to get in touch with Heine and provide a patch to create the 8.x branch of real_aes. |
|
Patch for real_aes created: https://www.drupal.org/node/2613682 |
|
moved this issue to drupal.org, to add extra documentation if desired: https://www.drupal.org/node/2678082 |
The Encrypt module's documentation should include very thorough and specific recommendations for:
We can provide links to articles or documentation to support our positions.
The text was updated successfully, but these errors were encountered: