Re: [fossil-users] Illogical justification of different hash

2015-01-12 Thread Andy Bradford
Thus said Kelly Dean on Tue, 13 Jan 2015 01:42:51 +: > But if the R-card is optional, then it can simply be removed entirely, > right? It can, certainly. That doesn't mean it should in all environments. Keeping it as an option means that those who are best able to evaluate the need f

Re: [fossil-users] Illogical justification of different hash

2015-01-12 Thread Stephan Beal
On Tue, Jan 13, 2015 at 2:42 AM, Kelly Dean wrote: > But if the R-card is optional, then it can simply be removed entirely, > right? The Z-card is also md5, and that can't be removed. > That eliminates the expense Can also be removed via a toggle: [stephan@host:~/cvs/fossil/fossil]$ f help

Re: [fossil-users] Illogical justification of different hash

2015-01-12 Thread Kelly Dean
Stephan Beal wrote: > The justification i remember hearing[1] when i asked about it was that the > md5 is faster, and therefore was chosen for the (expensive) R-card > calculation. Right or wrong, it's how it is and cannot be changed without > manifest format changes. But if the R-card is optional

Re: [fossil-users] Illogical justification of different hash

2015-01-12 Thread Joerg Sonnenberger
On Mon, Jan 12, 2015 at 11:32:57AM -0500, Ron W wrote: > BTW, FYI, SHA1 and SHA2 are, as of recently, also considered insecure. I'm not aware of any attacks against SHA2, just general concerns that it is too similar to SHA1. Joerg

Re: [fossil-users] Illogical justification of different hash

2015-01-12 Thread Ron W
On Mon, Jan 12, 2015 at 7:29 AM, Joerg Sonnenberger wrote: > On Mon, Jan 12, 2015 at 11:24:13AM +, Kelly Dean wrote: > > That makes no sense. To avoid common-mode failures in the > > implementation, you just need a different implementation. > > You don't need a different algorithm. > > It is

Re: [fossil-users] Illogical justification of different hash

2015-01-12 Thread Joerg Sonnenberger
On Mon, Jan 12, 2015 at 11:24:13AM +, Kelly Dean wrote: > That makes no sense. To avoid common-mode failures in the > implementation, you just need a different implementation. > You don't need a different algorithm. It is easier to pick a different algorithm than to find another (unique) imple

Re: [fossil-users] Illogical justification of different hash

2015-01-12 Thread Stephan Beal
On Mon, Jan 12, 2015 at 12:24 PM, Kelly Dean wrote: > http://www.fossil-scm.org/index.html/doc/tip/www/selfcheck.wiki says: > ⌜Note that these added checks use a different hash (MD5 instead of SHA1) > in order to avoid common-mode failures in the hash algorithm > implementation.⌝ > > That makes n

[fossil-users] Illogical justification of different hash

2015-01-12 Thread Kelly Dean
http://www.fossil-scm.org/index.html/doc/tip/www/selfcheck.wiki says: ⌜Note that these added checks use a different hash (MD5 instead of SHA1) in order to avoid common-mode failures in the hash algorithm implementation.⌝ That makes no sense. To avoid common-mode failures in the implementation, yo