From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id B6C2A139694 for ; Tue, 4 Apr 2017 08:34:53 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 13C3121C073; Tue, 4 Apr 2017 08:34:45 +0000 (UTC) Received: from smtp.gentoo.org (dev.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id BDC64E0DD4 for ; Tue, 4 Apr 2017 08:34:44 +0000 (UTC) Received: from [10.143.178.207] (unknown [109.144.230.142]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: k_f) by smtp.gentoo.org (Postfix) with ESMTPSA id 44CC934162D; Tue, 4 Apr 2017 08:34:43 +0000 (UTC) Content-Type: text/plain; charset=utf-8 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org Mime-Version: 1.0 (1.0) Subject: Re: [gentoo-dev] [RFC] New Manifest hashes and how to enable them From: Kristian Fiskerstrand X-Mailer: iPad Mail (14D27) In-Reply-To: <1491239350.1978.1.camel@gentoo.org> Date: Tue, 4 Apr 2017 09:34:38 +0100 Cc: infra , dev-portage@gentoo.org Content-Transfer-Encoding: quoted-printable Message-Id: References: <1491239350.1978.1.camel@gentoo.org> To: gentoo-dev@lists.gentoo.org X-Archives-Salt: 42ff4834-9afe-4e33-9eac-8d8536b40ddc X-Archives-Hash: 8d233ac5c3a6f8fcb3dffce17dd01f77 [Sent from my iPad, as it is not a secured device there are no cryptographic= keys on this device, meaning this message is sent without an OpenPGP signat= ure. In general you should *not* rely on any information sent over such an u= nsecure channel, if you find any information controversial or un-expected se= nd a response and request a signed confirmation] > On 3 Apr 2017, at 18:09, Micha=C5=82 G=C3=B3rny wrote:= >=20 > Therefore, my proposal would be to use the following set once their > support reaches the stable version of Portage: >=20 > manifest-hashes =3D SHA512 SHA3-512 WHIRLPOOL >=20 >=20 > Your thoughts? >=20 SHA256 is perfectly fine to use from a security perspective, so no need to d= o anything from that point of view. The big difference between SHA256 and SH= A512 is performance, you have significant gains of using sha256 on 32 bit ar= chitectures, whereby SHA512 is quite fine when having 64 bit registers. SHA5= 12 is well-tested and already part of package managers etc, so I dont really= have too strong opinions on making it mandatory and allow for sha256 to be r= eplaced, as long as it is clear that it isn't required from a strict securit= y view. As for SHA3 introduction, how well tested is the implementation used by the p= ackage managers, what are performance metrics etc? We don't really need this= atm, but nice to have it in the package managers as a backup if that was to= change, but should not be required digest algo (and yes, we really need to give Gentoo Keys all the help that we can in get= ting the OpenPGP signing ready, everything else is just bikeshedding until t= hat is in place and it is a making me rather sad that we haven't managed to d= o this already)=