tech-pkg archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Removing SHA1 as a distfile hash



> I'd like to remove the SHA1 hashes now[0] and stop new ones
> from being generated, since they do nothing but waste CPU cycles.
> This leaves us with SHA512 and RMD160. Using at least two different
> hashes is a good idea, in case one is found to be broken.

Looks like agc explicitly added RMD160/SHA512 hashes to all distinfo
files in 2015? If that's the case, yeah, I think it's fine to nuke
the SHA-1 distfile info.

While I like the BLAKE algos myself, and would be quite happy to
see blake2s used as one of the hash methods, I'd note that blake2s
is currently *not* currently supported by pkgsrc/pkgtools/digest
(nor does -current have any CLI tools that I can find; cksum(1)
doesn't have it); I'd suggest that be remedied regardless.

(To get into partial bikeshed territory, I'd also say that digest(1)
could use some slightly better help/display options; there is
currently no way to tell what algs are supported, the output is
inflexible, etc.)

I'm highly ambivalent about SHA3; I've yet to hear any compelling
arguments as to why it's demonstratably better than the alternatives.
The main thing I've heard cited is that since its structure is
notably different from SHA2/BLAKE, it might have better immunity
to collision attacks, but that's handwavery at best - and we already
have RMD160 in place.

tl;dr: sure, nuke SHA1, add blake2s support and then its hashes



Home | Main Index | Thread Index | Old Index