Henrik Austad wrote:
Hi list!
As far as I have gathered, the SHA-1-sum is used as a identifier for commits,
and that is the primary reason for using sha1. However, several places
(including the google tech-talk featuring Linus himself) states that the id's
are cryptographically secure.
As discussed in [1], SHA-1 is not as secure as it once was (and this was in
2005), and I'm wondering - are there any plans for migrating to another
hash-algorithm? I.e. SHA-2, whirlpool..
[1] http://www.schneier.com/blog/archives/2005/02/cryptanalysis_o.html
Why not wait until the results of:
are available. That will surely be soon enough.
Tom
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
