[
https://issues.apache.org/jira/browse/OAK-209?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Thomas Mueller resolved OAK-209.
--------------------------------
Resolution: Fixed
Revision 1368520 and revision 1368542.
Some additional changes are included as some of the tests had to be changed in
order to use SHA-256. Also I documented and changed the internal BlobStore
interface a bit.
> BlobStore: use SHA-256 instead of SHA-1, and use two directory levels for
> FileBlobStore
> ---------------------------------------------------------------------------------------
>
> Key: OAK-209
> URL: https://issues.apache.org/jira/browse/OAK-209
> Project: Jackrabbit Oak
> Issue Type: Bug
> Components: mk
> Reporter: Thomas Mueller
> Assignee: Thomas Mueller
> Priority: Minor
>
> Currently we use SHA-1 as the hash algorithm for the blob store (same as with
> Jackrabbit 2.x). I think it makes sense if we use SHA-256 instead:
> Advantages:
> - SHA-1 is considered "broken" by some experts:
> http://www.schneier.com/blog/archives/2005/02/sha1_broken.html
> - SHA-256 belongs to the SHA-2 family, which is recommended by NIST
> for new applications:
> http://csrc.nist.gov/groups/ST/toolkit/secure_hashing.html
> Disadvantages:
> - Longer file name
> - Longer content hash
> - Not compatible with Jackrabbit 2.x
> For the FileBlobStore, the current implementation uses only one directory
> level while Jackrabbit 2.x uses 3 levels. I think we should use two levels
> for Oak, to avoid too many files in the same directory.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
