| 1 |
Michał Górny schrieb: |
| 2 |
> Oh, and most notably, the speed loss will be mostly visible to users. |
| 3 |
> An attacker would have to compute the additional hashes only |
| 4 |
> if the fastest hash already matched, i.e. rarely. Users will have to |
| 5 |
> compute them all the time. |
| 6 |
|
| 7 |
That is currently the case with portage, but not an inevitable consequence of |
| 8 |
having 3 hash functions in the Manifest. Portage could be made to check only |
| 9 |
one or two of them (even by default), giving the tie-breaking ability to |
| 10 |
those who need it, and speeding up things for those who don't. |
| 11 |
|
| 12 |
|
| 13 |
Best regards, |
| 14 |
Chí-Thanh Christopher Nguyễn |
Archives