From: "Ludovic Courtès" <ludo@gnu.org>
To: Marius Bakke <mbakke@fastmail.com>
Cc: guix-devel@gnu.org, 41382@debbugs.gnu.org
Subject: Re: [bug#41382] [PATCH 0/6] Allow for a cryptographic hash function migration
Date: Thu, 21 May 2020 22:46:18 +0200 [thread overview]
Message-ID: <875zcpc8yt.fsf@gnu.org> (raw)
In-Reply-To: <87wo57reil.fsf@devup.no> (Marius Bakke's message of "Tue, 19 May 2020 20:00:34 +0200")
Hi!
Marius Bakke <mbakke@fastmail.com> skribis:
[...]
>> and to automatically “convert” the ‘sha256’ field specification to a
>> ‘content-hash’. Due to the way identifiers are matched, there are cases
>> where we can’t preserve the illusion of compatibility, as can be seen
>> with the patch below. Perhaps that’s acceptable, though.
>>
>> Thoughts?
>
> This is a great initiative, and the patches LGTM.
Great, thanks for taking a look.
> I think that if we are to move away from SHA256, we should go with
> something that is immune to length extension attacks[0] such as BLAKE2/3
> or SHA-3 (Keccak).
That makes sense to me.
I think we have time to think about it. When we choose to switch, we
should change all the tools (importers, ‘guix download’, etc.) and
documentation to default to the new hash so migration can happen
consistently.
> Although I don't know any Guile implementations of those as of yet.
Libgcrypt supports them, so we can definitely use them. I realize we
also need to extend nix/libutil/hash.{cc,hh}.
> SHA512 does not improve much security-wise IMO, but maybe it's
> worthwhile as s stop-gap.
Yeah, I’m not sure. We should definitely keep an eye on what others are
doing and what crypto folks recommend.
Ludo’.
next prev parent reply other threads:[~2020-05-21 20:46 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20200518213116.23978-1-ludo@gnu.org>
[not found] ` <871rnggf4d.fsf@gnu.org>
2020-05-19 18:00 ` [bug#41382] [PATCH 0/6] Allow for a cryptographic hash function migration Marius Bakke
2020-05-21 20:46 ` Ludovic Courtès [this message]
2020-05-21 23:43 ` Ludovic Courtès
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=875zcpc8yt.fsf@gnu.org \
--to=ludo@gnu.org \
--cc=41382@debbugs.gnu.org \
--cc=guix-devel@gnu.org \
--cc=mbakke@fastmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).