On Thu, Oct 19, 2017 at 5:32 PM, Hanno Böck <ha...@gentoo.org> wrote:
> On Thu, 19 Oct 2017 21:08:40 +0200 > Michał Górny <mgo...@gentoo.org> wrote: > > > manifest-hashes = SHA512 SHA3_512 > > Counterproposal: Just use SHA512. > > There isn't any evidence that any SHA2-based hash algorithm is going to > be broken any time soon. If that changes there will very likely be > decades of warning before a break becomes practical. > > Having just one hash is simpler and using a well supported one like > SHA512 may make things easier than using something that's still not > very widely supported. Yet having more than one lets you match make sure nobody hijacked your manifest file when an attack vector is inevitably discovered for the old new algorithm (whether SHA2, SHA3, or BLAKE2), because you'll be able to confirm the file is the same one that matched the old checksum in addition to the new one.