Re: RFC: Another proposed hash function transition plan
From: Jeff King <hidden>
Date: 2017-03-07 09:07:01
From: Jeff King <hidden>
Date: 2017-03-07 09:07:01
On Mon, Mar 06, 2017 at 10:39:49AM -0800, Jonathan Tan wrote:
The "nohash" thing was in the hope of requiring only one signature to sign all the hashes (in all the functions) that the user wants, while preserving round-tripping ability.
Thanks, this explained it very well. I understand the tradeoff now, though I am still of the opinion that simplicity is probably a more important goal. In practice I'd imagine that anybody doing commit-signing would just sign the more-secure hash, and people doing tag releases would probably do a dual-sign to be verifiable by both old and new clients. Those are infrequent enough that the extra computation probably doesn't matter. But that's just my gut feeling. -Peff