On Sat, Jul 21, 2018 at 3:39 PM Johannes Schindelin <Johannes.Schindelin@xxxxxx> wrote: > > Do you really want to value contributors' opinion more than > cryptographers'? I mean, that's exactly what got us into this hard-coded > SHA-1 mess in the first place. Don't be silly. Other real cryptographers consider SHA256 to be a problem. Really. It's amenable to the same hack on the internal hash that made for the SHAttered break. So your argument that "cryptographers prefer SHA256" is simply not true. Your real argument is that know at least one cryptographer that you work with that prefers it. Don't try to make that into some generic "cryptographers prefer it". It's not like cryptographers have issues with blake2b either, afaik. And blake2b really _does_ have very real advantages. If you can actually point to some "a large percentage of cryptographers prefer it", you'd have a point. But as it is, you don't have data, you have an anecdote, and you try to use that anecdote to put down other peoples opinions. Intellectually dishonest, that is. Linus