Jonathan Nieder writes:
> +Alternatives considered
> +---
> +Upgrading everyone working on a particular project on a flag day
> +
> ...
> +Using hash functions in parallel
> +
> ...
On Tue, Oct 03, 2017 at 02:40:26PM +0900, Junio C Hamano wrote:
> Jonathan Nieder writes:
...
> > +Meaning of signatures
> > +~
> > +The signed payload for signed commits and tags does not explicitly
> > +name the hash used to identify objects. If some day Git adopts a new
> >
Jonathan Nieder writes:
> +Signed Tags
> +~~~
> +We add a new field "gpgsig-newhash" to the tag object format to allow
> +signing tags without relying on SHA-1. Its signed payload is the
> +newhash-content of the tag with its gpgsig-newhash field and "-BEGIN PGP
> +SIGNATURE-" del
On Fri, Sep 29, 2017 at 10:34:13AM -0700, Jonathan Nieder wrote:
> Junio C Hamano wrote:
> > Jonathan Nieder writes:
...
> > If it is a goal to eventually be able to lose SHA-1 compatibility
> > metadata from the objects, then we might want to remove SHA-1 based
> > signature bits (e.g. PGP traile
Hi Jonathan,
On Wed, Sep 27, 2017 at 09:43:21PM -0700, Jonathan Nieder wrote:
> This document describes what a transition to a new hash function for
> Git would look like. Add it to Documentation/technical/ as the plan
> of record so that future changes can be recorded as patches.
>
> Also-by: B
Jonathan Nieder writes:
> +Reading an object's sha1-content
> +
> +The sha1-content of an object can be read by converting all newhash-names
> +its newhash-content references to sha1-names using the translation table.
Sure.
> +Fetch
> +~
> +Fetching from a SH
Jonathan Nieder writes:
>>> +6. Skip fetching some submodules of a project into a NewHash
>>> + repository. (This also depends on NewHash support in Git
>>> + protocol.)
>>
>> It is unclear what this means. Around submodule support, one thing
>> I can think of is that a NewHash tree in a sup
Junio C Hamano wrote:
> Jonathan Nieder writes:
>> This document describes what a transition to a new hash function for
>> Git would look like. Add it to Documentation/technical/ as the plan
>> of record so that future changes can be recorded as patches.
>>
>> Also-by: Brandon Williams
>> Also-
Junio C Hamano writes:
> Or perhaps we could. There is nothing that says a signed tag
> created in the SHA-1 world must have the PGP/SHA-1 signature in the
> NewHash payload---it could be split off of the object data and
> stored in a local metadata cache, to be used only when we need to
> conve
Jonathan Nieder writes:
> This document describes what a transition to a new hash function for
> Git would look like. Add it to Documentation/technical/ as the plan
> of record so that future changes can be recorded as patches.
>
> Also-by: Brandon Williams
> Also-by: Jonathan Tan
> Also-by: S
This document describes what a transition to a new hash function for
Git would look like. Add it to Documentation/technical/ as the plan
of record so that future changes can be recorded as patches.
Also-by: Brandon Williams
Also-by: Jonathan Tan
Also-by: Stefan Beller
Signed-off-by: Jonathan N
11 matches
Mail list logo
