On Tue, Oct 24, 2017 at 4:21 AM, Paweł Hajdan, Jr. <phajdan...@gentoo.org> wrote: > On 24/10/2017 06:11, Michał Górny wrote: >> W dniu wto, 24.10.2017 o godzinie 06∶04 +0200, użytkownik Michał Górny >> napisał: >>> Three hashes don't give any noticeable advantage. If we want a diverse >>> construct, we take SHA3. SHA3 is slower than SHA2 + BLAKE2 combined, so >>> even with 3 threaded computation it's going to be slower. >> >> Oh, and most notably, the speed loss will be mostly visible to users. >> An attacker would have to compute the additional hashes only >> if the fastest hash already matched, i.e. rarely. Users will have to >> compute them all the time. > > I'm surprised to see bikeshedding about this, where the performance > argument was shown to be speculative. > > Consider clarifying what's the goal of this thread. > > It seemed like a relatively obvious cleanup / modernizing the set of > hash functions, and I'd still be supportive of that. >
++ IMO nothing really new has come up for the most part. People disagree on a few points, as is inevitable. The purpose of mailing lists isn't to keep reiterating the same points until there is unanimous agreement. Best to just move on. -- Rich
