From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!.POSTED.blaine.gmane.org!not-for-mail From: Lars Ingebrigtsen Newsgroups: gmane.emacs.bugs Subject: bug#37420: [PATCH] Recommend against SHA-1 for security-related applications Date: Tue, 17 Sep 2019 00:25:15 +0200 Message-ID: <87d0fzq3p0.fsf@gnus.org> References: <87v9tsv65b.fsf@gnus.org> <87ef0grneg.fsf@gnus.org> Mime-Version: 1.0 Content-Type: text/plain Injection-Info: blaine.gmane.org; posting-host="blaine.gmane.org:195.159.176.226"; logging-data="187901"; mail-complaints-to="usenet@blaine.gmane.org" User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.0.50 (gnu/linux) Cc: 37420@debbugs.gnu.org To: Stefan Kangas Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Tue Sep 17 00:26:10 2019 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane.org Original-Received: from lists.gnu.org ([209.51.188.17]) by blaine.gmane.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.89) (envelope-from ) id 1i9zRi-000mkz-Dt for geb-bug-gnu-emacs@m.gmane.org; Tue, 17 Sep 2019 00:26:10 +0200 Original-Received: from localhost ([::1]:40500 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1i9zRg-0007wV-Mx for geb-bug-gnu-emacs@m.gmane.org; Mon, 16 Sep 2019 18:26:08 -0400 Original-Received: from eggs.gnu.org ([2001:470:142:3::10]:42614) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1i9zRb-0007wL-3C for bug-gnu-emacs@gnu.org; Mon, 16 Sep 2019 18:26:04 -0400 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1i9zRZ-0006Q4-V1 for bug-gnu-emacs@gnu.org; Mon, 16 Sep 2019 18:26:03 -0400 Original-Received: from debbugs.gnu.org ([209.51.188.43]:42451) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1i9zRZ-0006PP-Qa for bug-gnu-emacs@gnu.org; Mon, 16 Sep 2019 18:26:01 -0400 Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1i9zRZ-0001RW-NN for bug-gnu-emacs@gnu.org; Mon, 16 Sep 2019 18:26:01 -0400 X-Loop: help-debbugs@gnu.org Resent-From: Lars Ingebrigtsen Original-Sender: "Debbugs-submit" Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Mon, 16 Sep 2019 22:26:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 37420 X-GNU-PR-Package: emacs X-GNU-PR-Keywords: patch Original-Received: via spool by 37420-submit@debbugs.gnu.org id=B37420.15686727215498 (code B ref 37420); Mon, 16 Sep 2019 22:26:01 +0000 Original-Received: (at 37420) by debbugs.gnu.org; 16 Sep 2019 22:25:21 +0000 Original-Received: from localhost ([127.0.0.1]:51272 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1i9zQv-0001Qc-Cf for submit@debbugs.gnu.org; Mon, 16 Sep 2019 18:25:21 -0400 Original-Received: from quimby.gnus.org ([80.91.231.51]:40888) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1i9zQt-0001QT-4z for 37420@debbugs.gnu.org; Mon, 16 Sep 2019 18:25:19 -0400 Original-Received: from cm-84.212.202.86.getinternet.no ([84.212.202.86] helo=marnie) by quimby.gnus.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.89) (envelope-from ) id 1i9zQp-0007Lz-Oq; Tue, 17 Sep 2019 00:25:18 +0200 In-Reply-To: (Stefan Kangas's message of "Mon, 16 Sep 2019 23:50:33 +0200") X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 209.51.188.43 X-BeenThere: bug-gnu-emacs@gnu.org List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Original-Sender: "bug-gnu-emacs" Xref: news.gmane.org gmane.emacs.bugs:166597 Archived-At: Stefan Kangas writes: > +These symbols corresponds to the following hashing algorithms: > + > + md5 - MD5 > + sha1 - SHA-1 > + sha224 - SHA-2 / SHA-224 > + sha256 - SHA-2 / SHA-384 > + sha384 - SHA-2 / SHA-384 > + sha512 - SHA-2 / SHA-512 I'm not sure these really clarify all that much? But I don't object to it. [...] > --- a/test/lisp/emacs-lisp/package-resources/archive-contents > +++ b/test/lisp/emacs-lisp/package-resources/archive-contents > @@ -1,9 +1,12 @@ > +;; RFC3339 timestamp > +;; Last-Updated: 2014-01-16T05:43:35.000Z > (1 > (simple-single . > [(1 3) > nil "A single-file package with no dependencies" single > ((:url . "http://doodles.au") > - (:keywords quote ("frobnicate")))]) > + (:keywords quote ("frobnicate")) > + (:hash )]) Hm... is this related? -- (domestic pets only, the antidote for overdose, milk.) bloggy blog: http://lars.ingebrigtsen.no