On Tue, 28 Sep 2010, Matt McCutchen wrote:
On Mon, 2010-09-27 at 22:33 -0400, Benjamin R. Haskell wrote:
But the flip side is that rsync is not a security tool. MD5 is fine
for rsync for the same reason SHA-1 (which, as with all hashes, will
eventually be "broken") is fine for git:
This gets a little off topic, but I /do/ want git to use a
collision-resistant hash function. I would like to be able to fetch
from others without giving them a free pass to poison my repository.
I believe that was the original intended semantic of the "fetch"
operation; it's only now eroding as SHA-1 gets studied. But the risk
isn't great enough to goad me into action yet.
Shoot. I left out the link that was the whole point: it's Linus
explaining why SHA-1 is fine (because security happens at a higher
level):
http://kerneltrap.org/mailarchive/git/2006/8/28/211065
(Boils down to the two points I paraphrased -- but the upshot is that
hash collision != free pass to poison)
--
Best,
Ben
--
Please use reply-all for most replies to avoid omitting the mailing list.
To unsubscribe or change options: https://lists.samba.org/mailman/listinfo/rsync
Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html