| 1 |
>>>>> On Wed, 06 Apr 2022, Jason A Donenfeld wrote: |
| 2 |
|
| 3 |
> I think actually the argument I'm making this time might be subtly |
| 4 |
> different from the motions that folks went through last year. |
| 5 |
> Specifically, the idea last year was to switch to using BLAKE2b only. |
| 6 |
> I think what the arguments I'm making now point to is switching to |
| 7 |
> SHA2-512 only. |
| 8 |
|
| 9 |
Still, I think that if we drop one of the hashes then we should proceed |
| 10 |
with the original plan. That is, keep the more modern BLAKE2B (which was |
| 11 |
a participant of the SHA-3 competition [1]) and drop the older SHA512. |
| 12 |
|
| 13 |
Back then, we had the choice between adding SHA3_512 and BLAKE2B, and we |
| 14 |
preferred BLAKE2B for performance reasons. |
| 15 |
|
| 16 |
I also think that the argument about the OpenPGP signature isn't very |
| 17 |
strong, because replacing that signature by another one using a |
| 18 |
different hash is trivial. As I said before, replacing all Manifest |
| 19 |
files in the tree isn't. |
| 20 |
|
| 21 |
Ulrich |
| 22 |
|
| 23 |
[1] https://en.wikipedia.org/wiki/NIST_hash_function_competition |
Archives