| 1 |
>>>>> On Tue, 05 Apr 2022, Jason A Donenfeld wrote: |
| 2 |
|
| 3 |
> - GPG signatures are already over the SHA512 of the plain text, so |
| 4 |
> they security of the system already reduces to that. By choosing |
| 5 |
> SHA512, we don't add more risk, whilst choosing something else means |
| 6 |
> we're in trouble if either one has a problem. |
| 7 |
|
| 8 |
The OpenPGP signature is for the top-level Manifest only. In case there |
| 9 |
was any trouble, it would be trivial to change the hash algorithm used |
| 10 |
for this. |
| 11 |
|
| 12 |
In constrast to that, updating the hashes in all Manifest files is a |
| 13 |
huge pain in the neck. Basically, you must download all distfiles, which |
| 14 |
is not trivial. For example, think of fetch-restricted files. (I've |
| 15 |
helped twice with updating Manifest files, so I believe I know what I'm |
| 16 |
talking about. :) |
| 17 |
|
| 18 |
I think that be benefit of dropping one of the hashes would be close to |
| 19 |
zero, especially if we would drop the faster one. |
| 20 |
|
| 21 |
Ulrich |
Archives