<feed xmlns='http://www.w3.org/2005/Atom'>
<title>git/Documentation/technical/hash-function-transition.txt, branch v2.30.2</title>
<subtitle>Mirror of https://git.kernel.org/pub/scm/git/git.git/
</subtitle>
<id>https://git.shady.money/git/atom?h=v2.30.2</id>
<link rel='self' href='https://git.shady.money/git/atom?h=v2.30.2'/>
<link rel='alternate' type='text/html' href='https://git.shady.money/git/'/>
<updated>2020-08-14T01:09:55Z</updated>
<entry>
<title>docs: fix step in transition plan</title>
<updated>2020-08-14T01:09:55Z</updated>
<author>
<name>brian m. carlson</name>
<email>sandals@crustytoothpaste.net</email>
</author>
<published>2020-08-13T22:49:01Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/git/commit/?id=2ae12e568b14e068cd37afdd47dd46c2be8538fe'/>
<id>urn:sha1:2ae12e568b14e068cd37afdd47dd46c2be8538fe</id>
<content type='text'>
One of the required steps for the objectFormat extension is to implement
the loose object index.  However, without support for
compatObjectFormat, we don't even know if the loose object index is
needed, so it makes sense to move that step to the compatObjectFormat
section.  Do so.

Signed-off-by: brian m. carlson &lt;sandals@crustytoothpaste.net&gt;
Signed-off-by: Junio C Hamano &lt;gitster@pobox.com&gt;
</content>
</entry>
<entry>
<title>Merge branch 'jk/lore-is-the-archive'</title>
<updated>2019-12-06T23:09:23Z</updated>
<author>
<name>Junio C Hamano</name>
<email>gitster@pobox.com</email>
</author>
<published>2019-12-06T23:09:23Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/git/commit/?id=3b3d9ea6a8fbf36a8710b855062c685d9a7d33e3'/>
<id>urn:sha1:3b3d9ea6a8fbf36a8710b855062c685d9a7d33e3</id>
<content type='text'>
Doc update for the mailing list archiving and nntp service.

* jk/lore-is-the-archive:
  doc: replace public-inbox links with lore.kernel.org
  doc: recommend lore.kernel.org over public-inbox.org
</content>
</entry>
<entry>
<title>doc: replace public-inbox links with lore.kernel.org</title>
<updated>2019-11-30T17:12:26Z</updated>
<author>
<name>Jeff King</name>
<email>peff@peff.net</email>
</author>
<published>2019-11-27T12:54:04Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/git/commit/?id=3eae30e4649dd3174fdce7a92115c972763baa5b'/>
<id>urn:sha1:3eae30e4649dd3174fdce7a92115c972763baa5b</id>
<content type='text'>
Since we're now recommending lore.kernel.org (and because the
public-inbox.org domain might eventually go away), let's update our
internal references to use it, too. That future-proofs our references,
and sets the example we want people to follow.

Signed-off-by: Jeff King &lt;peff@peff.net&gt;
Signed-off-by: Junio C Hamano &lt;gitster@pobox.com&gt;
</content>
</entry>
<entry>
<title>Documentation: fix a bunch of typos, both old and new</title>
<updated>2019-11-07T04:42:00Z</updated>
<author>
<name>Elijah Newren</name>
<email>newren@gmail.com</email>
</author>
<published>2019-11-05T17:07:20Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/git/commit/?id=031fd4b93b8182761948aa348565118955f48307'/>
<id>urn:sha1:031fd4b93b8182761948aa348565118955f48307</id>
<content type='text'>
Reported-by: Jens Schleusener &lt;Jens.Schleusener@fossies.org&gt;
Signed-off-by: Elijah Newren &lt;newren@gmail.com&gt;
Signed-off-by: Junio C Hamano &lt;gitster@pobox.com&gt;
</content>
</entry>
<entry>
<title>doc: fix repeated words</title>
<updated>2019-08-12T00:40:07Z</updated>
<author>
<name>Mark Rushakoff</name>
<email>mark.rushakoff@gmail.com</email>
</author>
<published>2019-08-10T05:59:14Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/git/commit/?id=24966cd9820a6b0d4e348807b07cb9af8ba84fc7'/>
<id>urn:sha1:24966cd9820a6b0d4e348807b07cb9af8ba84fc7</id>
<content type='text'>
Inspired by 21416f0a07 ("restore: fix typo in docs", 2019-08-03), I ran
"git grep -E '(\b[a-zA-Z]+) \1\b' -- Documentation/" to find other cases
where words were duplicated, e.g. "the the", and in most cases removed
one of the repeated words.

There were many false positives by this grep command, including
deliberate repeated words like "really really" or valid uses of "that
that" which I left alone, of course.

I also did not correct any of the legitimate, accidentally repeated
words in old RelNotes.

Signed-off-by: Mark Rushakoff &lt;mark.rushakoff@gmail.com&gt;
Acked-by: Jeff King &lt;peff@peff.net&gt;
Signed-off-by: Junio C Hamano &lt;gitster@pobox.com&gt;
</content>
</entry>
<entry>
<title>doc hash-function-transition: pick SHA-256 as NewHash</title>
<updated>2018-08-07T14:40:43Z</updated>
<author>
<name>Jonathan Nieder</name>
<email>jrnieder@gmail.com</email>
</author>
<published>2018-08-04T08:52:47Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/git/commit/?id=0ed8d8da374f648764758f13038ca93af87ab800'/>
<id>urn:sha1:0ed8d8da374f648764758f13038ca93af87ab800</id>
<content type='text'>
From a security perspective, it seems that SHA-256, BLAKE2, SHA3-256,
K12, and so on are all believed to have similar security properties.
All are good options from a security point of view.

SHA-256 has a number of advantages:

* It has been around for a while, is widely used, and is supported by
  just about every single crypto library (OpenSSL, mbedTLS, CryptoNG,
  SecureTransport, etc).

* When you compare against SHA1DC, most vectorized SHA-256
  implementations are indeed faster, even without acceleration.

* If we're doing signatures with OpenPGP (or even, I suppose, CMS),
  we're going to be using SHA-2, so it doesn't make sense to have our
  security depend on two separate algorithms when either one of them
  alone could break the security when we could just depend on one.

So SHA-256 it is.  Update the hash-function-transition design doc to
say so.

After this patch, there are no remaining instances of the string
"NewHash", except for an unrelated use from 2008 as a variable name in
t/t9700/test.pl.

Signed-off-by: Ævar Arnfjörð Bjarmason &lt;avarab@gmail.com&gt;
Acked-by: Linus Torvalds &lt;torvalds@linux-foundation.org&gt;
Acked-by: brian m. carlson &lt;sandals@crustytoothpaste.net&gt;
Acked-by: Johannes Schindelin &lt;Johannes.Schindelin@gmx.de&gt;
Acked-by: Dan Shumow &lt;danshu@microsoft.com&gt;
Signed-off-by: Jonathan Nieder &lt;jrnieder@gmail.com&gt;
Signed-off-by: Junio C Hamano &lt;gitster@pobox.com&gt;
</content>
</entry>
<entry>
<title>doc hash-function-transition: note the lack of a changelog</title>
<updated>2018-07-25T21:29:55Z</updated>
<author>
<name>Ævar Arnfjörð Bjarmason</name>
<email>avarab@gmail.com</email>
</author>
<published>2018-07-25T08:30:23Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/git/commit/?id=13f5e0982121ea1f1fc1b94f1e559bfb23aa0a16'/>
<id>urn:sha1:13f5e0982121ea1f1fc1b94f1e559bfb23aa0a16</id>
<content type='text'>
The changelog embedded in the document pre-dates the addition of the
document to git.git (it used to be a Google Doc), so it only goes up
to 752414ae43 ("technical doc: add a design doc for hash function
transition", 2017-09-27).

Since then I made some small edits to it, which would have been worthy
of including in this changelog (but weren't). Instead of amending it
to include these, just note that future changes will be noted in the
log.

Signed-off-by: Ævar Arnfjörð Bjarmason &lt;avarab@gmail.com&gt;
Signed-off-by: Junio C Hamano &lt;gitster@pobox.com&gt;
</content>
</entry>
<entry>
<title>doc hash-function-transition: clarify what SHAttered means</title>
<updated>2018-03-28T02:08:31Z</updated>
<author>
<name>Ævar Arnfjörð Bjarmason</name>
<email>avarab@gmail.com</email>
</author>
<published>2018-03-26T18:27:08Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/git/commit/?id=5988eb631a3a3a42f82c1442fae79001ad2b90e7'/>
<id>urn:sha1:5988eb631a3a3a42f82c1442fae79001ad2b90e7</id>
<content type='text'>
Attempt to clarify what the SHAttered attack means in practice for
Git. The previous version of the text made no mention whatsoever of
Git already having a mitigation for this specific attack, which the
SHAttered researchers claim will detect cryptanalytic collision
attacks.

I may have gotten some of the nuances wrong, but as far as I know this
new text accurately summarizes the current situation with SHA-1 in
git. I.e. git doesn't really use SHA-1 anymore, it uses
Hardened-SHA-1 (they just so happen to produce the same outputs
99.99999999999...% of the time).

Thus the previous text was incorrect in asserting that:

    [...]As a result [of SHAttered], SHA-1 cannot be considered
    cryptographically secure any more[...]

That's not the case. We have a mitigation against SHAttered, *however*
we consider it prudent to move to work towards a NewHash should future
vulnerabilities in either SHA-1 or Hardened-SHA-1 emerge.

Signed-off-by: Ævar Arnfjörð Bjarmason &lt;avarab@gmail.com&gt;
Signed-off-by: Junio C Hamano &lt;gitster@pobox.com&gt;
</content>
</entry>
<entry>
<title>doc hash-function-transition: clarify how older gits die on NewHash</title>
<updated>2018-03-28T02:07:51Z</updated>
<author>
<name>Ævar Arnfjörð Bjarmason</name>
<email>avarab@gmail.com</email>
</author>
<published>2018-03-26T18:27:07Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/git/commit/?id=45fa195ff0b7a440fae02da1d871f976afa32dff'/>
<id>urn:sha1:45fa195ff0b7a440fae02da1d871f976afa32dff</id>
<content type='text'>
Change the "Repository format extension" to accurately describe what
happens with different versions of Git when they encounter NewHash
repositories, instead of only saying what happens with versions v2.7.0
and later.

See ab9cb76f66 ("Repository format version check.", 2005-11-25) and
00a09d57eb ("introduce "extensions" form of
core.repositoryformatversion", 2015-06-23) for the relevant changes to
the setup code where these variables are checked.

Signed-off-by: Ævar Arnfjörð Bjarmason &lt;avarab@gmail.com&gt;
Signed-off-by: Junio C Hamano &lt;gitster@pobox.com&gt;
</content>
</entry>
<entry>
<title>technical doc: add a design doc for hash function transition</title>
<updated>2017-09-28T10:37:52Z</updated>
<author>
<name>Jonathan Nieder</name>
<email>jrnieder@gmail.com</email>
</author>
<published>2017-09-28T04:43:21Z</published>
<link rel='alternate' type='text/html' href='https://git.shady.money/git/commit/?id=752414ae4310cd304f5e31649aaab2dcf307057c'/>
<id>urn:sha1:752414ae4310cd304f5e31649aaab2dcf307057c</id>
<content type='text'>
This document describes what a transition to a new hash function for
Git would look like.  Add it to Documentation/technical/ as the plan
of record so that future changes can be recorded as patches.

Also-by: Brandon Williams &lt;bmwill@google.com&gt;
Also-by: Jonathan Tan &lt;jonathantanmy@google.com&gt;
Also-by: Stefan Beller &lt;sbeller@google.com&gt;
Signed-off-by: Jonathan Nieder &lt;jrnieder@gmail.com&gt;
Signed-off-by: Junio C Hamano &lt;gitster@pobox.com&gt;
</content>
</entry>
</feed>
