On Tue, Apr 5, 2022 at 11:47 AM Jason A. Donenfeld <zx...@gentoo.org> wrote: > > Hi Michal, > > On Tue, Apr 05, 2022 at 02:49:12PM +0000, Michał Górny wrote: > > > I don't really care which one we use, so long as it's not already > > > broken or too obscure/new. So in other words, any one of SHA2-256, > > > SHA2-512, SHA3, BLAKE2b, BLAKE2s would be fine with me. Can we just > > > pick one and roll with it? > > > > Back when we added BLAKE2b, the idea was to eventually remove SHA512 > > (the previous hash). However, this was rejected afterwards. > > Maybe we should pick that back up? Do you remember the ultimate > rationale for rejecting it? Do you suppose those are still valid?
(Somehow you broke threading) This was a topic in June 2021's Council meeting: https://gitweb.gentoo.org/sites/projects/council.git/tree/meeting-logs/20210613-summary.txt#n33 https://gitweb.gentoo.org/sites/projects/council.git/tree/meeting-logs/20210613.txt#n137 Basically there was no great reason presented for making the change and some (IMO specious) reasons for keeping multiple hashes. I don't think anyone felt strongly enough about removing one hash to fight for it.
