Hi Brian, Thanks for the details! Now it sounds like although SHA1/SHA256 and v1/v2 are separate features, v2 capability is the only way for the client and server to negotiate the object format so that they won't send out something that is not understandable by the other party. In that case, I think it's still valid that v2 needs to be supported first so that SHA256 can later be supported with enough flexibility. Bests, Zhichen On 9/29/20, 3:45 PM, "brian m. carlson" <sandals@xxxxxxxxxxxxxxxxxxxx> wrote: On 2020-09-29 at 22:13:11, Jeff King wrote: > On Tue, Sep 29, 2020 at 01:17:59AM +0000, Wu, Zhichen wrote: > > 2. I see v2 has a capability called “object-format” that provides SHA1 > > option. I’m wondering if that capability will be the only way for > > client and server to start using SHA256? Or put it as another word, > > will v2 protocol be the prerequisite of SHA256? > > I think it would be impossible to handle object-format via v1, because > the v1 protocol writes the ref advertisement before any capabilities are > negotiated. So I think v1 must implicitly remain sha1-only (and a sha256 > repository on the server side would need to either reject a v1 client, > or back-translate as it would for a v2 client which asks for sha1). I don't think that's the case. You can indeed use v1 with SHA-256, but if you have a SHA-1-only Git, it will choke because the object ID is longer than it expects. If you want to negotiate the algorithm when we support both and the client can't deal with translating the initial ref advertisement, then yes, you'll need v2. We even support SHA-256 via bundles and the DAV-based HTTP protocol, but the latter will never support negotiation of hash algorithms because it's based on static files. It is required that you understand the object-format capability on the client side to support SHA-256, since if you fail to announce it, the default is SHA-1, and right now, the server side will produce an error if the client doesn't announce it (or sends SHA-1 data). -- brian m. carlson: Houston, Texas, US