Paragon Initiative Enterprises
@paragoninitiativeenterprises on WordPress.org, @paragonie on Slack
Bio
- Member Since: November 18th, 2016
- Website: paragonie.com
Contribution History
Paragon Initiative Enterprises’s badges:- Core Contributor
Mentioned in [60029] on Core SVN:
Security: Update bundled Root Certificates.Mentioned in [60028] on Core SVN:
Security: Update bundled Root Certificates.Mentioned in [60027] on Core SVN:
Security: Update bundled Root Certificates.Mentioned in [60026] on Core SVN:
Security: Update bundled Root Certificates.Mentioned in [60025] on Core SVN:
Security: Update bundled Root Certificates.Mentioned in [59904] on Core SVN:
Security: Reduce the length of the hash returned by `wp_fast_hash()` so it can be used in the `user_activation_key` field when a legacy database schema is still in use.Mentioned in [59828] on Core SVN:
Security: Switch to using bcrypt for hashing user passwords and BLAKE2b for hashing application passwords and security keys.Mentioned in [58752] on Core SVN:
Upgrade/Install: Update sodium_compat to v1.21.1.Mentioned in [55699] on Core SVN:
Upgrade/Install: Update sodium_compat to v1.20.0.Mentioned in [54310] on Core SVN:
Upgrade/Install: Update sodium_compat to v1.19.0.Mentioned in [54150] on Core SVN:
Upgrade/Install: Update sodium_compat to v1.18.0.Mentioned in [52988] on Core SVN:
Upgrade/Install: Update sodium_compat to v1.17.1.Mentioned in [52742] on Core SVN:
External Libraries: Update random_compat to version 2.0.21.Mentioned in [51171] on Core SVN:
Upgrade/Install: Update sodium_compat to v1.16.1.Mentioned in [51002] on Core SVN:
Upgrade/Install: Update sodium_compat to v1.16.1.Created ticket #53274 on Core Trac:
Update sodium_compat to v1.16.1Created ticket #49200 on Core Trac:
Allow Developers to Cryptographically Sign Their Own Plugins/Themes ...Mentioned in [46859] on Core SVN:
Upgrade/Install: Update sodium_compat to v1.12.1.Mentioned in [46858] on Core SVN:
Upgrade/Install: Update sodium_compat to v1.12.1.Created ticket #48371 on Core Trac:
Update sodium_compat to v1.12.0Mentioned in [46094] on Core SVN:
HTTP: Update the Root Certificate bundle.Wrote a comment on the post SSL for auto updates, on the site Make WordPress Core:
Your host's certificate support is, frankly, irrelevant. However, you should feel free to name and…Wrote a comment on the post SSL for auto updates, on the site Make WordPress Core:
Browser <--A--> WordPress blog <--B--> Update ServerWrote a comment on the post SSL for auto updates, on the site Make WordPress Core:
Right now my sites don’t use https b/c I can’t afford to buy the SSL…Wrote a comment on the post SSL for auto updates, on the site Make WordPress Core:
This has nothing to do with your frontend site using SSL/TLS or not. (Point of…Wrote a comment on the post SSL for auto updates, on the site Make WordPress Core:
You're totally misunderstanding. SSL between Firefox/Chrome and YourBlog.com, versus SSL between YourBlog.com and api.wordpress.org. We're…Wrote a comment on the post SSL for auto updates, on the site Make WordPress Core:
What exactly prevents you from using SSL?Wrote a comment on the post SSL for auto updates, on the site Make WordPress Core:
Point of order: I would highly recommend keeping the signatures in place for core updates.…Wrote a comment on the post Security in 5.2, on the site Make WordPress Core:
They're morally equivalent. https://paragonie.com/blog/2017/06/libsodium-quick-reference-quick-comparison-similar-functions-and-which-one-use#crypto-aead https://paragonie.com/blog/2017/06/libsodium-quick-reference-quick-comparison-similar-functions-and-which-one-use#crypto-secretboxMentioned in [45356] on Core SVN:
Upgrade/Install: Don't run signature verify on slow 32-bit systems.Mentioned in [45355] on Core SVN:
Upgrade/Install: Update `sodium_compat` to v1.10.0.Mentioned in [45345] on Core SVN:
Upgrade/Install: Don't run signature verify on slow 32-bit systems.Mentioned in [45344] on Core SVN:
Upgrade/Install: Update sodium_compat to v1.10.0.Reopened ticket #47186 on Core Trac:
At least one function in /wp-includes/sodium_compat/src/Core32 times ...Closed ticket #47186 on Core Trac:
At least one function in /wp-includes/sodium_compat/src/Core32 times ...Mentioned in [44954] on Core SVN:
Upgrade/Install: Add experimental package signing to some updates.Mentioned in [44953] on Core SVN:
General: Add sodium_compat library for crypto APIs in PHP < 7.2Created ticket #45807 on Core Trac:
CA Bundle is way out of dateCreated ticket #45806 on Core Trac:
Add sodium_compat -- a libsodium-compatible cryptography API for PHP <7.2Wrote a comment on the post Dev Chat Agenda: October 24th (5.0 Week 4), on the site Make WordPress Core:
#39309 needs WordPress.org core team focus. In light of https://arstechnica.com/information-technology/2018/10/two-new-supply-chain-attacks-come-to-light-in-less-than-a-week/ it's unacceptable for the WordPress.org…Reopened ticket #39309 on Core Trac:
Secure WordPress Against Infrastructure AttacksClosed ticket #39309 on Core Trac:
Secure WordPress Against Infrastructure AttacksClosed ticket #39499 on Core Trac:
Migrate Password Hashing from 8192 rounds of salted MD5 to Argon2i v1.3Created ticket #39499 on Core Trac:
Migrate Password Hashing from 8192 rounds of salted MD5 to Argon2i v1.3Created ticket #39309 on Core Trac:
Secure WordPress Against Infrastructure Attacks