Thread (50 messages) 50 messages, 19 authors, 2017-10-02

Re: RFC: Another proposed hash function transition plan

From: Jeff King <hidden>
Date: 2017-03-07 09:07:01

On Mon, Mar 06, 2017 at 10:39:49AM -0800, Jonathan Tan wrote:
The "nohash" thing was in the hope of requiring only one signature to sign
all the hashes (in all the functions) that the user wants, while preserving
round-tripping ability.
Thanks, this explained it very well.

I understand the tradeoff now, though I am still of the opinion that
simplicity is probably a more important goal.

In practice I'd imagine that anybody doing commit-signing would just
sign the more-secure hash, and people doing tag releases would probably
do a dual-sign to be verifiable by both old and new clients. Those are
infrequent enough that the extra computation probably doesn't matter.
But that's just my gut feeling.

-Peff
Keyboard shortcuts
hback out one level
jnext message in thread
kprevious message in thread
ldrill in
Escclose help / fold thread tree
?toggle this help