Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.
Not yet. I ran other tests which show SHA256 class's is fairly slow in comparison. But honestly its a PHP implementation - perfect for most open source PHP applications which can't rely on a host having mcrypt enabled. It's in the usage criteria, not the speed that the usefulness of feyd's class is apparent...
Remember: with a Factory class and some indirection, you can swap Feyd's implementation with mcrypt based on it's availability. Ah, the greatness of polymorphism.
Until its built in completely - no external library - a pure PHP implementation still has a lot of value, esp. for widely distributed open source projects.