> On 6 Apr 2022, at 01:15, Jason A. Donenfeld <zx2c4@g.o> wrote:
>
> Hi Sam,
>
> On Wed, Apr 6, 2022 at 2:02 AM Sam James <sam@g.o> wrote:
>> This matches my views and recollection. We could revisit it
>> if there was a passionate advocate (which it looks like there may well be).
>>
>> While I wasn't against it before, I was sort of ambivalent given
>> we had no strong reason to, but I'm more willing now given
>> we're also cleaning out other Portage cruft at the same time.
>
> I think actually the argument I'm making this time might be subtly
> different from the motions that folks went through last year.
> Specifically, the idea last year was to switch to using BLAKE2b only.
> I think what the arguments I'm making now point to is switching to
> SHA2-512 only.

Oh, right. I see!

(Aside: I should've been clearer in my first email, what I meant was: I'm
fine with revisiting this, but I remember us feeling kind of lacklustre because
even the proposer (mgorny) ended up not having the oomph to push it through
given (small) opposition. I don't recall who had the stiff opposition at the time,
but I do recall it was only small, but nobody really felt like it was worth the hassle.

The overall Council feeling was "meh" without some momentum.)

> There are two reasons for this.
>
> 1) Security: since the GPG signatures use SHA2-512, then the whole
> system breaks if SHA2-512 breaks. If we choose BLAKE2b as our only
> hash, then if either SHA2-512 or BLAKE2b break, then the system
> breaks. But if we choose SHA2-512 as our only hash, then we only need
> to worry about SHA2-512 breaking.
>
> 2) Comparability: other distros use SHA2-512, as well as various
> upstreams, which means we can compare our hashes to theirs easily.
>
> A reason why some people might prefer BLAKE2b over SHA2-512 is a
> performance improvement. However, seeing as right now we're opening
> the file, reading it, computing BLAKE2b, closing the file, opening the
> file again, reading it again, computing SHA2-512, closing the file, I
> don't think performance is actually something people care about. Seen
> differently, removing either one of them will already give us a
> performance "boost" of sorts.
>

I think this seems pretty reasonable and I don't have any objection to it.

2) is a nice point and it's something Robin raised last time around too.

> Jason

best,
sam
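
Added example, not part of the original thread and not Portage's own code: the quoted performance paragraph describes opening and reading each file twice, once per hash, so this sketch computes every requested digest in a single read and verifies a file under a SHA2-512-only policy or under both hashes. The `DIST <name> <size> <HASH> <hex> ...` entry layout, the function names and the sample file are assumptions made for illustration.

```python
import hashlib
import os
import tempfile

HASHERS = {"BLAKE2B": hashlib.blake2b, "SHA512": hashlib.sha512}  # blake2b: 64-byte digest by default

def digest_once(path, names, chunk_size=1 << 16):
    """Open and read the file once, feeding each chunk to every requested hash."""
    states = {name: HASHERS[name]() for name in names}
    size = 0
    with open(path, "rb") as fh:
        while chunk := fh.read(chunk_size):
            size += len(chunk)
            for state in states.values():
                state.update(chunk)
    return size, {name: state.hexdigest() for name, state in states.items()}

def parse_dist(line):
    """Parse 'DIST <name> <size> <HASH> <hex> ...' (layout assumed, see lead-in)."""
    fields = line.split()
    if len(fields) < 5 or fields[0] != "DIST" or len(fields) % 2 == 0:
        raise ValueError("malformed DIST entry")
    return fields[1], int(fields[2]), dict(zip(fields[3::2], fields[4::2]))

def make_dist(name, path, names=("BLAKE2B", "SHA512")):
    """Build a DIST entry for a file, hashing it in a single pass."""
    size, digests = digest_once(path, names)
    return f"DIST {name} {size} " + " ".join(f"{n} {digests[n]}" for n in names)

def verify_dist(line, path, required=("SHA512",)):
    """Check size and each required hash; fail closed if one is not recorded."""
    _, size, recorded = parse_dist(line)
    if any(name not in recorded for name in required):
        return False
    actual_size, actual = digest_once(path, required)
    return actual_size == size and all(actual[n] == recorded[n].lower() for n in required)

def demo():
    """Constructed sample: a temporary file stands in for a distfile."""
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "example-1.0.tar.gz")
        with open(path, "wb") as fh:
            fh.write(b"constructed sample payload\n" * 1000)
        line = make_dist("example-1.0.tar.gz", path)
        both = verify_dist(line, path, required=("BLAKE2B", "SHA512"))
        sha_only = verify_dist(line, path)
        with open(path, "ab") as fh:
            fh.write(b"x")  # simulate a modified distfile
        return both, sha_only, verify_dist(line, path)
```

`demo()` returns the results for both hashes, SHA2-512 only, and SHA2-512 only after the file has been modified.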