On Sun, 22 Jul 2018 14:21:48 +0000, brian m. carlson wrote: > On Sun, Jul 22, 2018 at 11:34:42AM +0200, Eric Deplagne wrote: > > On Sat, 21 Jul 2018 23:59:41 +0000, brian m. carlson wrote: > > > I don't know your colleagues, and they haven't commented here. One > > > person that has commented here is Adam Langley. It is my impression > > > (and anyone is free to correct me if I'm incorrect) that he is indeed a > > > cryptographer. To quote him[0]: > > > > > > I think this group can safely assume that SHA-256, SHA-512, BLAKE2, > > > K12, etc are all secure to the extent that I don't believe that making > > > comparisons between them on that axis is meaningful. Thus I think the > > > question is primarily concerned with performance and implementation > > > availability. > > > > > > […] > > > > > > So, overall, none of these choices should obviously be excluded. The > > > considerations at this point are not cryptographic and the tradeoff > > > between implementation ease and performance is one that the git > > > community would have to make. > > > > Am I completely out of the game, or the statement that > > "the considerations at this point are not cryptographic" > > is just the wrongest ? > > > > I mean, if that was true, would we not be sticking to SHA1 ? > > I snipped a portion of the context, but AGL was referring to the > considerations involved in choosing from the proposed ones for NewHash. > In context, he meant that the candidates for NewHash “are all secure” > and are therefore a better choice than SHA-1. Maybe a little bit sensitive, but I really did read "we don't care if it's weak or strong, that's not the matter". > I think we can all agree that SHA-1 is weak and should be replaced. > -- > brian m. carlson: Houston, Texas, US > OpenPGP: https://keybase.io/bk2204 -- Eric Deplagne
Attachment:
signature.asc
Description: Digital signature