| 1 |
> On 6 Apr 2022, at 01:15, Jason A. Donenfeld <zx2c4@g.o> wrote: |
| 2 |
> |
| 3 |
> Hi Sam, |
| 4 |
> |
| 5 |
> On Wed, Apr 6, 2022 at 2:02 AM Sam James <sam@g.o> wrote: |
| 6 |
>> This matches my views and recollection. We could revisit it |
| 7 |
>> if there was a passionate advocate (which it looks like there may well be). |
| 8 |
>> |
| 9 |
>> While I wasn't against it before, I was sort of ambivalent given |
| 10 |
>> we had no strong reason to, but I'm more willing now given |
| 11 |
>> we're also cleaning out other Portage cruft at the same time. |
| 12 |
> |
| 13 |
> I think actually the argument I'm making this time might be subtly |
| 14 |
> different from the motions that folks went through last year. |
| 15 |
> Specifically, the idea last year was to switch to using BLAKE2b only. |
| 16 |
> I think what the arguments I'm making now point to is switching to |
| 17 |
> SHA2-512 only. |
| 18 |
|
| 19 |
Oh, right. I see! |
| 20 |
|
| 21 |
(Aside: I should've been clearer in my first email, what I meant was: I'm |
| 22 |
fine with revisiting this, but I remember us feeling kind of lacklustre because |
| 23 |
even the proposer (mgorny) ended up not having the oomph to push it through |
| 24 |
given (small) opposition. I don't recall who had the stiff opposition at the time, |
| 25 |
but I do recall it was only small, but nobody really felt like it was worth the hassle. |
| 26 |
|
| 27 |
The overall Council feeling was "meh" without some momentum.) |
| 28 |
|
| 29 |
|
| 30 |
> There are two reasons for this. |
| 31 |
> |
| 32 |
> 1) Security: since the GPG signatures use SHA2-512, then the whole |
| 33 |
> system breaks if SHA2-512 breaks. If we choose BLAKE2b as our only |
| 34 |
> hash, then if either SHA2-512 or BLAKE2b break, then the system |
| 35 |
> breaks. But if we choose SHA2-512 as our only hash, then we only need |
| 36 |
> to worry about SHA2-512 breaking. |
| 37 |
> |
| 38 |
> 2) Comparability: other distros use SHA2-512, as well as various |
| 39 |
> upstreams, which means we can compare our hashes to theirs easily. |
| 40 |
> |
| 41 |
> A reason why some people might prefer BLAKE2b over SHA2-512 is a |
| 42 |
> performance improvement. However, seeing as right now we're opening |
| 43 |
> the file, reading it, computing BLAKE2b, closing the file, opening the |
| 44 |
> file again, reading it again, computing SHA2-512, closing the file, I |
| 45 |
> don't think performance is actually something people care about. Seen |
| 46 |
> differently, removing either one of them will already give us a |
| 47 |
> performance "boost" or sorts. |
| 48 |
> |
| 49 |
|
| 50 |
I think this seems pretty reasonable and I don't have any objection to it. |
| 51 |
|
| 52 |
2) is a nice point and it's something Robin raised last time around too. |
| 53 |
|
| 54 |
> Jason |
| 55 |
|
| 56 |
best, |
| 57 |
sam |
Archives