Hi, On Sat, Feb 25, 2017 at 01:31:32AM +0100, ankostis wrote: > That is why I believe that some HASH (e.g. SHA-3) must be the blessed one. > All git >= 3.x.x must support at least this one (for naming and > cross-referencing between objects). I would stress caution here. SHA3 has survived the NIST competition, but that's about it. It has *not* received nearly as much scrutiny as SHA2. SHA2 is a similar construction to SHA1 (Merkle–Damgård [1]) so it makes sense to be leery of it, but I would argue it's seasoning merits serious consideration. Ideally, bless SHA2-384 (minimum) as the next hash. Five or so years down the road, if SHA3 is still in good standing, bless it as the next hash. thx, Jason. [1] https://en.wikipedia.org/wiki/Merkle%E2%80%93Damg%C3%A5rd_construction