1 |
>>>>> On Tue, 05 Apr 2022, Jason A Donenfeld wrote: |
2 |
|
3 |
> - GPG signatures are already over the SHA512 of the plain text, so |
4 |
> they security of the system already reduces to that. By choosing |
5 |
> SHA512, we don't add more risk, whilst choosing something else means |
6 |
> we're in trouble if either one has a problem. |
7 |
|
8 |
The OpenPGP signature is for the top-level Manifest only. In case there |
9 |
was any trouble, it would be trivial to change the hash algorithm used |
10 |
for this. |
11 |
|
12 |
In constrast to that, updating the hashes in all Manifest files is a |
13 |
huge pain in the neck. Basically, you must download all distfiles, which |
14 |
is not trivial. For example, think of fetch-restricted files. (I've |
15 |
helped twice with updating Manifest files, so I believe I know what I'm |
16 |
talking about. :) |
17 |
|
18 |
I think that be benefit of dropping one of the hashes would be close to |
19 |
zero, especially if we would drop the faster one. |
20 |
|
21 |
Ulrich |