Michał Górny posted on Sat, 21 Oct 2017 01:39:55 +0200 as excerpted:
> W dniu pią, 20.10.2017 o godzinie 18∶42 -0400, użytkownik Anton Molyboha
> napisał:
>> Would it make sense then to support several hashes but let the user
>> optionally turn off the verification of some of them, depending on t
Michał Górny schrieb:
> to:
>
> manifest-hashes = SHA512 SHA3_512
+1
Just wondering about the performance argument on weak systems:
Does Portage absolutely have to check all of the hashes or can it be
configured by the user to check only a subset of them?
Best regards,
Chí-Thanh Christopher
Blake2 is in coreutils already, provides an excellent security margin, and
is considerably faster than both sha2 and sha3.
On Oct 19, 2017 21:09, "Michał Górny" wrote:
> Hi, everyone.
>
> The previous discussion on Manifest2 hashes pretty much died away
> pending fixes to Portage. Since Portage
On Fri, Oct 20, 2017 at 8:04 AM, Kristian Fiskerstrand wrote:
> On 10/20/2017 11:10 AM, Dirkjan Ochtman wrote:
>>
>> I support Hanno's suggestion of doing just SHA512, but would be
>> interested in hearing opinions from others who have apparent
>> security/crypto experience. Maybe the Security pro
Hello,
I missed some messages in the time I wrote my reply. This also touches
on some of the points in Mr. Górny's other message about time.
On Fri, Oct 20, 2017 at 6:38 PM, Michał Górny wrote:
> W dniu pią, 20.10.2017 o godzinie 00∶20 +0200, użytkownik Francesco
> Riosa napisał:
>> 2017-10-19 2
W dniu pią, 20.10.2017 o godzinie 18∶42 -0400, użytkownik Anton Molyboha
napisał:
> On Thu, Oct 19, 2017 at 6:49 PM, Gordon Pettey wrote:
>
> > On Thu, Oct 19, 2017 at 5:32 PM, Hanno Böck wrote:
> >
> > > On Thu, 19 Oct 2017 21:08:40 +0200
> > > Michał Górny wrote:
> > >
> > > > manifest-ha
W dniu pią, 20.10.2017 o godzinie 00∶20 +0200, użytkownik Francesco
Riosa napisał:
> 2017-10-19 23:00 GMT+02:00 Michał Górny :
>
> > W dniu czw, 19.10.2017 o godzinie 21∶08 +0200, użytkownik Michał Górny
> > napisał:
> > >
> > > 4. The new hashes that are stronger and commonly available are
> > >
On Fri, Oct 20, 2017 at 5:42 PM, Anton Molyboha wrote:
> On Thu, Oct 19, 2017 at 6:49 PM, Gordon Pettey
> wrote:
>
>> On Thu, Oct 19, 2017 at 5:32 PM, Hanno Böck wrote:
>>
>>> On Thu, 19 Oct 2017 21:08:40 +0200
>>> Michał Górny wrote:
>>>
>>> > manifest-hashes = SHA512 SHA3_512
>>>
>>> Count
On Thu, Oct 19, 2017 at 6:49 PM, Gordon Pettey wrote:
> On Thu, Oct 19, 2017 at 5:32 PM, Hanno Böck wrote:
>
>> On Thu, 19 Oct 2017 21:08:40 +0200
>> Michał Górny wrote:
>>
>> > manifest-hashes = SHA512 SHA3_512
>>
>> Counterproposal: Just use SHA512.
>>
>> There isn't any evidence that any S
Hello,
On Thu, Oct 19, 2017 at 2:08 PM, Michał Górny wrote:
> Hi, everyone.
>
> The previous discussion on Manifest2 hashes pretty much died away
> pending fixes to Portage. Since Portage was fixed a while ago, and we
> can now safely switch, I'd like to reboot the discussion before
> submitting
# Andreas K. Hüttel (20 Oct 2017)
# Doesn't build with glibc-2.25, doesn't build, needs a
# version bump, needs a maintainer. Bugs 604364, 599004,
# 627064. Removal in 30 days.
app-crypt/zuluCrypt
--
Andreas K. Hüttel
dilfri...@gentoo.org
Gentoo Linux developer (council, perl, libreoffice)
sig
W dniu pią, 20.10.2017 o godzinie 17∶42 +0200, użytkownik Paweł Hajdan,
Jr. napisał:
> On 19/10/2017 21:08, Michał Górny wrote:
> > Considering all arguments made so far, I'd like to propose changing:
> > manifest-hashes = SHA256 SHA512 WHIRLPOOL
> > to:
> > manifest-hashes = SHA512 SHA3_512
>
On 19/10/2017 21:08, Michał Górny wrote:
> Considering all arguments made so far, I'd like to propose changing:
> manifest-hashes = SHA256 SHA512 WHIRLPOOL
> to:
> manifest-hashes = SHA512 SHA3_512
+1, fine for me
> 1. The main argument for using multiple hashes is to prevent the (very
> unli
On Fri, Oct 20, 2017 at 6:04 AM, Kristian Fiskerstrand wrote:
> On 10/20/2017 11:10 AM, Dirkjan Ochtman wrote:
>>
>> I support Hanno's suggestion of doing just SHA512, but would be
>> interested in hearing opinions from others who have apparent
>> security/crypto experience. Maybe the Security pro
On 10/20/2017 03:05 PM, Michael Orlitzky wrote:
> Every WiFi network on the planet essentially became Starbucks overnight
> on Sunday->Monday, so in my opinion we shouldn't bet against immediate
> and catastrophic failure of anything, no matter how well-tested.
Post Hoc ergo Propter Hoc
--
Krist
On 10/19/2017 06:32 PM, Hanno Böck wrote:
>
> Counterproposal: Just use SHA512.
>
> There isn't any evidence that any SHA2-based hash algorithm is going to
> be broken any time soon. If that changes there will very likely be
> decades of warning before a break becomes practical.
>
Every WiFi ne
On 10/20/2017 11:10 AM, Dirkjan Ochtman wrote:
>
> I support Hanno's suggestion of doing just SHA512, but would be
> interested in hearing opinions from others who have apparent
> security/crypto experience. Maybe the Security project can weigh the
> suggestions as well?
>
The whole discussion i
On Fri, 20 Oct 2017 11:23:06 +0200
Ulrich Mueller wrote:
> > On Fri, 20 Oct 2017, Dirkjan Ochtman wrote:
>
> > As Hanno was saying, we'll have decades of warning before a break
> > becomes practical, so I don't think this is a real concern.
>
> How can we be sure of that? I guess the sa
On Fri, Oct 20, 2017 at 11:23 AM, Ulrich Mueller wrote:
> > On Fri, 20 Oct 2017, Dirkjan Ochtman wrote:
>
> > As Hanno was saying, we'll have decades of warning before a break
> > becomes practical, so I don't think this is a real concern.
>
> How can we be sure of that? I guess the same reas
> On Fri, 20 Oct 2017, Dirkjan Ochtman wrote:
> As Hanno was saying, we'll have decades of warning before a break
> becomes practical, so I don't think this is a real concern.
How can we be sure of that? I guess the same reasoning was applied
when MD5 and SHA1 hashes were used.
> I think the
On Fri, Oct 20, 2017 at 12:49 AM, Gordon Pettey
wrote:
> On Thu, Oct 19, 2017 at 5:32 PM, Hanno Böck wrote:
>
>> On Thu, 19 Oct 2017 21:08:40 +0200
>> Michał Górny wrote:
>>
>> > manifest-hashes = SHA512 SHA3_512
>>
>> Counterproposal: Just use SHA512.
>>
>> There isn't any evidence that any
21 matches
Mail list logo
