On 11.10.24 12:27, Thorsten Leemhuis wrote: > On 10.10.24 17:52, Sami Tolvanen wrote: > Thx for your feedback! >> On Thu, Oct 10, 2024 at 1:57 AM Thorsten Leemhuis <linux@xxxxxxxxxxxxx> wrote: >>> On 10.10.24 10:42, Sedat Dilek wrote: >>>> On Thu, Oct 10, 2024 at 10:29 AM Sedat Dilek <sedat.dilek@xxxxxxxxx> wrote: >>>>> On Thu, Oct 10, 2024 at 10:19 AM Thorsten Leemhuis <linux@xxxxxxxxxxxxx> wrote: >>>>>> On 10.10.24 09:00, Thorsten Leemhuis wrote: >> >>> P.S.: Vegard Nossum mentioned in the fediverse that I could also solve >>> the problem the patch is about by adding "default MODULE_SIG_SHA512" to >>> the "choice" section; haven't tried that, but that sounds like a better >>> solution. Will likely give it a try, unless someone brings up unwanted >>> side effects this might cause. >> >> Yes, that would be a much better way to change the default. Overall, >> moving away from SHA-1 seems like a good idea and SHA-512 feels like a >> reasonable choice. Luis, do you see any issues with changing the >> default here? > > So, how do I make such a default choice work without breaking the > current magic, which looks like this: > [...] Ignore that, I was missing something obvious and got mislead by my brain, sorry for the noise. Will send a updated patch in a few days to give Luis and others a chance to raise objections reg. switching to SHA512. Ciao, Thorsten
