Re: [Monotone-devel] Git's usage of SHA1

[Markus Wanner]

Hi,

On 02/08/2016 07:52 PM, grarpamp wrote:
> A long thread on the below list with the above subject (that SHA1
> is more or less broken and should be proactively replaced along
> the lines of other general global movements off of SHA1) mentioned
> the snippet below. The same subject should be given consideration
> in monotone as well.

I agree and have thought about teaching monotone to use other hash
functions. There's no need to rush, though. I'd rather like to think
this through well.

OTOH at the current rate of development, we better hurry up a bit. ;-)

> https://lists.sonic.net/mailman/private/crypto-practicum/2016q1/thread.html

No access.

>   Also, historically speaking git's usage of SHA1 almost certainly came
> from monotone (monotone.ca), which Linus used as inspiration for git.

Yes.

> They still use SHA1, but it sounds like it would be much easier to
> replace there than in git.

I cannot speak for git, but I've already tried in monotone and it's not
trivial, either.

> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813157

Sounds like an entirely different issue. Monotone took the conservative
approach, here, and has always checked everything it receives via the
network.

> https://git.wiki.kernel.org/index.php/LinusTalk200705Transcript

Here, Linus' argument is that git only uses SHA-1 as a consistency
check, not for security. (I haven't checked how git's OpenPGP
integration works.)

That's certainly not the case for monotone, where certs reference the
revision id (a sha-1 hash).

> https://github.com/jayphelps/git-blame-someone-else

WTF is that? You're not trying to blame monotone for git's usage of
SHA-1, are you?

Kind Regards

Markus Wanner