From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-dev+bounces-82471-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by finch.gentoo.org (Postfix) with ESMTPS id 3D0281396D9
	for <garchives@archives.gentoo.org>; Sat, 21 Oct 2017 20:12:01 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 6FCC62BC02C;
	Sat, 21 Oct 2017 20:11:55 +0000 (UTC)
Received: from blaine.gmane.org (unknown [195.159.176.226])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id 18DBF2BC013
	for <gentoo-dev@lists.gentoo.org>; Sat, 21 Oct 2017 20:11:54 +0000 (UTC)
Received: from list by blaine.gmane.org with local (Exim 4.84_2)
	(envelope-from <lnx-gentoo-dev@m.gmane.org>)
	id 1e607H-0003uW-Nr
	for gentoo-dev@lists.gentoo.org; Sat, 21 Oct 2017 22:11:31 +0200
X-Injected-Via-Gmane: http://gmane.org/
To: gentoo-dev@lists.gentoo.org
From: Duncan <1i5t5.duncan@cox.net>
Subject: [gentoo-dev] Re: Manifest2 hashes, take n+1-th
Date: Sat, 21 Oct 2017 20:11:20 +0000 (UTC)
Message-ID: <pan$56cea$d2ce1dd4$300dd95e$46bcec21@cox.net>
References: <1508440120.19870.14.camel@gentoo.org>
	<CAAD4mYhkpzGKXxwZn-2arwj4NuU5U+fsWRkNw0uRRm6X_MKgfw@mail.gmail.com>
	<robbat2-20171021T162151-007393951Z@orbis-terrarum.net>
	<CAAD4mYj58-3pzLgNNeeodgRevcceH7Ufd=OvuRjMtcA+xbaNWw@mail.gmail.com>
	<20171021195011.55b3ce6b@pc1>
Precedence: bulk
List-Post: <mailto:gentoo-dev@lists.gentoo.org>
List-Help: <mailto:gentoo-dev+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-dev+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-dev+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-dev.gentoo.org>
X-BeenThere: gentoo-dev@lists.gentoo.org
Reply-to: gentoo-dev@lists.gentoo.org
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Complaints-To: usenet@blaine.gmane.org
User-Agent: Pan/0.143 (Quaint little villages here and there; 02834e6bc)
X-Archives-Salt: 5a222204-810c-42b6-a681-ec24742a125a
X-Archives-Hash: 662f967f485c100894b3e3ff634cd2d1

Hanno Böck posted on Sat, 21 Oct 2017 19:50:11 +0200 as excerpted:

> On Sat, 21 Oct 2017 12:12:44 -0500 R0b0t1 <r030t1@gmail.com> wrote:
> 
>> People are discussing collision resistance, but no one here appears to
>> be trained in cryptography.
> 
> For the record, I'd claim I am.

... And with a number of vuln discoveries to your credit, it's safe to 
say it's not just paper certs for you, too. =:^)

(And FWIW I'd point to Robin H Johnson/robbat2 as someone I know has 
authority in this area as well.  There may be others.  FTR I'm not one of 
them, tho as any good admin I try to follow the security news especially 
where it touches machines I administer, so I'm following this thread with 
particular interest.)

-- 
Duncan - List replies preferred.   No HTML msgs.
"Every nonfree program has a lord, a master --
and if you use the program, he is your master."  Richard Stallman