W dniu pią, 20.10.2017 o godzinie 18∶42 -0400, użytkownik Anton Molyboha napisał: > On Thu, Oct 19, 2017 at 6:49 PM, Gordon Pettey <[email protected]> wrote: > > > On Thu, Oct 19, 2017 at 5:32 PM, Hanno Böck <[email protected]> wrote: > > > > > On Thu, 19 Oct 2017 21:08:40 +0200 > > > Michał Górny <[email protected]> wrote: > > > > > > > manifest-hashes = SHA512 SHA3_512 > > > > > > Counterproposal: Just use SHA512. > > > > > > There isn't any evidence that any SHA2-based hash algorithm is going to > > > be broken any time soon. If that changes there will very likely be > > > decades of warning before a break becomes practical. > > > > > > Having just one hash is simpler and using a well supported one like > > > SHA512 may make things easier than using something that's still not > > > very widely supported. > > > > > > Yet having more than one lets you match make sure nobody hijacked your > > manifest file when an attack vector is inevitably discovered for the old > > new algorithm (whether SHA2, SHA3, or BLAKE2), because you'll be able to > > confirm the file is the same one that matched the old checksum in addition > > to the new one. > > > > Would it make sense then to support several hashes but let the user > optionally turn off the verification of some of them, depending on the > user's security vs performance requirements? >
I won't block anyone from implementing such an option but I won't spend my time on it either. However, if you believe verifying two checksums could be a problem, then I have serious doubts if you hardware is capable of building anything. -- Best regards, Michał Górny
