On 15.07.19 22:50, Russ Allbery wrote: > At some point, Git itself will switch away from SHA-1, and we > can then obviously follow.
According to [0]: ----- "Git v2.13.0 and later subsequently moved to a hardened SHA-1 implementation by default, which isn't vulnerable to the SHAttered attack. Thus Git has in effect already migrated to a new hash that isn't SHA-1 and doesn't share its vulnerabilities, its new hash function just happens to produce exactly the same output for all known inputs, except two PDFs published by the SHAttered researchers, and the new implementation (written by those researchers) claims to detect future cryptanalytic collision attacks." ----- The document also outlines plans for a transition to SHA256. It actually seems that since git version 2.21.0 the first SHA256 implementations have entered the git code [1, 2]. Though I have no idea whether using SHA256 is already production-ready. Therefore I think that distrust in SHA1 is no reason to discard Sean's and Ian's debpush proposal. Peter [0] https://github.com/git/git/blob/master/Documentation/technical/hash-function-transition.txt [1] https://github.com/git/git/commit/33e4ae9c509e0ecdc6508475f2974d275539616e [2] https://github.com/git/git/commit/27dc04c54506967fcaa87b2d560547ee5633040c
