On Sun, Jul 05, 2015 at 09:05:12PM -0400, Rich Freeman wrote: > All the gpg stuff really exposes the weakness of git being based on > sha1 though. I wouldn't think that it would be that hard to change > git's hash function, with the caveat that the resulting repositories > might not be backwards-compatible…
If you want a Merkle DAG with flexible hashes, you may be interested in IPFS [1]. It doesn't have Git's source-control tooling yet, but it does a good job at passing around generic Merkle objects with self-identifying hashes [2]. That way you can make your hash as strong as you like, although you'll still have public-rebase style incompatibilities if you want to go back and republish an older part of the DAG with a stronger hash. Cheers, Trevor [1]: http://ipfs.io/ [2]: https://github.com/jbenet/multihash/ -- This email may be signed or encrypted with GnuPG (http://www.gnupg.org). For more information, see http://en.wikipedia.org/wiki/Pretty_Good_Privacy
signature.asc
Description: OpenPGP digital signature
