Gentoo Archives: gentoo-dev

From: Luca Barbato <lu_zero@g.o>
To: gentoo-dev@l.g.o
Subject: Re: [gentoo-dev] [RFC] Removing SHA512 hash from Manifests
Date: Sun, 25 Jul 2021 14:45:02
Message-Id: f882d703-c3e3-0a0f-656b-6f3acf99e66c@gentoo.org
In Reply to: [gentoo-dev] [RFC] Removing SHA512 hash from Manifests by "Michał Górny"
1 On 24/07/21 17:16, Michał Górny wrote:
2 > Hi, everyone.
3 >
4 > I've been asked to repost the idea of removing SHA512 hash from
5 > Manifests, effectively limiting them to BLAKE2B.
6 >
7 > The 'old' set of Gentoo hashes including SHA512 went live in July 2012.
8 > In November 2017, we have decided to remove the two other hashes and add
9 > BLAKE2B in their stead. Today, all Gentoo packages are using BLAKE2B
10 > and SHA512 hashes.
11 >
12 > To all extent, this is purely a cosmetic change. The benefit from
13 > removing the additional hash is negligible, both from space perspective
14 > and hashing speed perspective. The benefit from keeping two hashes is
15 > also negligible.
16 >
17 > Back during the 2017 discussion, Infra came to the conclusion that we're
18 > going to keep SHA512 for a transition period, then remove it, and stay
19 > with a single hash algorithm. In my opinion, we have kept it long
20 > enough.
21 >
22 > WDYT?
23 >
24
25 I'd remove it once we have a second hash to add and/or BLAKE2B is
26 widespread enough on upstream.
27
28 lu