On Wed, Mar 01, 2017 at 10:49:55AM -0800, Linus Torvalds wrote: > That said, I think that it would be lovely to just default to > USE_SHA1DC and just put the whole attack behind us. Yes, it's slower. > No, it doesn't really seem to matter that much in practice. My biggest concern is the index-pack operation. Try this: time git clone --no-local --bare linux tmp.git with and without USE_SHA1DC. I get: [w/ openssl] real 1m52.307s user 2m47.928s sys 0m14.992s [w/ sha1dc] real 3m4.043s user 6m16.412s sys 0m13.772s That's real latency the user will see. It's hard to break it down, though. The actual "receiving" phase is generally going to be network bound. The delta-resolution that happens afterwards is totally local and CPU-bound (but does run in parallel). And of course this repository tends to the larger side (though certainly there are bigger ones), and you only feel the pain on clone or when doing an initial push, not day-to-day. So maybe we just suck it up and accept that it's a bit slower. -Peff