1 |
On Saturday 19 November 2005 20:41, Mike Auty wrote: |
2 |
> If portage can already handle multiple hash formats, |
3 |
|
4 |
Portage can't handle multiple hash formats at the moment. It is only smart |
5 |
enough to not throw a fit when other hash formats appear. |
6 |
|
7 |
> then perhaps it would just be best to start shifting the default hashing |
8 |
> algorithm from MD5 to SHA-256 or greater (which if you're going off |
9 |
> schneier's tips for safety is just about safe at the moment), rather than |
10 |
> requiring multiple hashes and guessing about their combined security? |
11 |
|
12 |
The user will be able to configure what algorithm(s) are used. Generation on |
13 |
the other hand needs to be done for at least MD5 and one other algorithm. |
14 |
|
15 |
> Having to maintain backwards compatibility with old versions of portage |
16 |
> is a good idea, however just how far back must be supported? |
17 |
|
18 |
A year is a good guide. |
19 |
|
20 |
-- |
21 |
Jason Stubbs |
22 |
-- |
23 |
gentoo-portage-dev@g.o mailing list |