Re: How safe are signed git tags? Only as safe as SHA-1 or somehow safer?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Jeff King <peff@xxxxxxxx> writes:

> On Tue, Nov 25, 2014 at 08:52:58AM +0700, Duy Nguyen wrote:
>
>> On Tue, Nov 25, 2014 at 8:23 AM, Jonathan Nieder <jrnieder@xxxxxxxxx> wrote:
>> > I think the biggest obstacle is the upgrade path. ;-)
>> 
>> In the worst case we can always treat new repos as a different VCS. So
>> people will need a migration from SHA-1 to the new format, just like
>> they migrate from SVN/CVS to Git. Painful but simple.
>
> Maybe we can fix the tree-sorting order while we are at it. :)
>
> More seriously, there may come a day when we are ready to break
> compatibility completely with a new "Git v3.0" (2.0 is already taken, of
> course). I do not have immediate plans for it, but it's possible that
> multiple factors may make such a move desirable sometime in the next 10
> years, and that would be a good time to jump hash algorithms, as well.

As the fundamental data model of Git is built around "given the
object name, the same data is retrieved, and equally importantly,
given the same data, the same object name is used, so that we can
say two objects with different names record different contents
without looking at the data", it does not mesh with the use of
tagged hash where object name consists of a pair of <what hash is
used> and <what the hash value is> at all.  It is a proper mindset
to treat it as a different VCS to give us a clean break when (I did
not say "if") we need to switch hashes, I think.

Thanks.
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]