Thomas Mueller created OAK-209:
----------------------------------
Summary: BlobStore: use SHA-256 instead of SHA-1, and use two
directory levels for FileBlobStore
Key: OAK-209
URL: https://issues.apache.org/jira/browse/OAK-209
Project: Jackrabbit Oak
Issue Type: Bug
Components: mk
Reporter: Thomas Mueller
Assignee: Thomas Mueller
Priority: Minor
Currently we use SHA-1 as the hash algorithm for the blob store (same as with
Jackrabbit 2.x). I think it makes sense if we use SHA-256 instead:
Advantages:
- SHA-1 is considered "broken" by some experts:
http://www.schneier.com/blog/archives/2005/02/sha1_broken.html
- SHA-256 belongs to the SHA-2 family, which is recommended by NIST
for new applications:
http://csrc.nist.gov/groups/ST/toolkit/secure_hashing.html
Disadvantages:
- Longer file name
- Longer content hash
- Not compatible with Jackrabbit 2.x
For the FileBlobStore, the current implementation uses only one directory level
while Jackrabbit 2.x uses 3 levels. I think we should use two levels for Oak,
to avoid too many files in the same directory.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
