| 1 |
On Tue, Apr 5, 2022 at 11:47 AM Jason A. Donenfeld <zx2c4@g.o> wrote: |
| 2 |
> |
| 3 |
> Hi Michal, |
| 4 |
> |
| 5 |
> On Tue, Apr 05, 2022 at 02:49:12PM +0000, Michał Górny wrote: |
| 6 |
> > > I don't really care which one we use, so long as it's not already |
| 7 |
> > > broken or too obscure/new. So in other words, any one of SHA2-256, |
| 8 |
> > > SHA2-512, SHA3, BLAKE2b, BLAKE2s would be fine with me. Can we just |
| 9 |
> > > pick one and roll with it? |
| 10 |
> > |
| 11 |
> > Back when we added BLAKE2b, the idea was to eventually remove SHA512 |
| 12 |
> > (the previous hash). However, this was rejected afterwards. |
| 13 |
> |
| 14 |
> Maybe we should pick that back up? Do you remember the ultimate |
| 15 |
> rationale for rejecting it? Do you suppose those are still valid? |
| 16 |
|
| 17 |
(Somehow you broke threading) |
| 18 |
|
| 19 |
This was a topic in June 2021's Council meeting: |
| 20 |
|
| 21 |
https://gitweb.gentoo.org/sites/projects/council.git/tree/meeting-logs/20210613-summary.txt#n33 |
| 22 |
https://gitweb.gentoo.org/sites/projects/council.git/tree/meeting-logs/20210613.txt#n137 |
| 23 |
|
| 24 |
Basically there was no great reason presented for making the change |
| 25 |
and some (IMO specious) reasons for keeping multiple hashes. I don't |
| 26 |
think anyone felt strongly enough about removing one hash to fight for |
| 27 |
it. |
Archives