From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1RASpR-0002DX-AJ for garchives@archives.gentoo.org; Sun, 02 Oct 2011 20:40:05 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id C460821C0D5; Sun, 2 Oct 2011 20:39:53 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) by pigeon.gentoo.org (Postfix) with ESMTP id D359721C052 for ; Sun, 2 Oct 2011 20:39:43 +0000 (UTC) Received: from [192.168.26.4] (ip98-164-193-252.oc.oc.cox.net [98.164.193.252]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: zmedico) by smtp.gentoo.org (Postfix) with ESMTPSA id 35A8D1B4008 for ; Sun, 2 Oct 2011 20:39:43 +0000 (UTC) Message-ID: <4E88CC0D.6080702@gentoo.org> Date: Sun, 02 Oct 2011 13:39:41 -0700 From: Zac Medico User-Agent: Mozilla/5.0 (X11; Linux i686 on x86_64; rv:7.0.1) Gecko/20111001 Thunderbird/7.0.1 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-portage-dev@lists.gentoo.org Reply-to: gentoo-portage-dev@lists.gentoo.org MIME-Version: 1.0 To: gentoo-portage-dev@lists.gentoo.org Subject: Re: [gentoo-portage-dev] [GLEP59v2 5/5] GLEP59: Change live Manifest2 hashes to SHA256, SHA512, WHIRLPOOL References: <1317454855-2794-1-git-send-email-robbat2@gentoo.org> <1317454855-2794-6-git-send-email-robbat2@gentoo.org> <4E87EB2D.6070809@gentoo.org> In-Reply-To: X-Enigmail-Version: 1.4a1pre Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Archives-Salt: X-Archives-Hash: 777810e69ca6343236c444c2dcf7e1b1 On 10/02/2011 05:46 AM, Robin H. Johnson wrote: > On Sat, Oct 01, 2011 at 09:40:13PM -0700, Zac Medico wrote: >> If we control these hashes via metadata/layout.conf, then we can toggle >> it atomically for all commiters. Otherwise, we'll have an annoying >> period of time where different committers are committing different sets >> of hashes, depending on their portage version. > How do you suggest doing it via layout.conf? I've kept SHA256 in both > sets for now, but if you could enforce new signatures including both > WHIRLPOOL and SHA256, that would be great. How about if we put something like this in gentoo-x86/metadata/layout.conf now: manifest2-sha1 = true manifest2-whirlpool = false Then we'll patch portage so that by default it will disable SHA1 and enable WHIRLPOOL, and the above settings will override the defaults. After the patched portage is marked stable in a month or so, we'll send an announcement to gentoo-announce, and remove the above settings from layout.conf. -- Thanks, Zac