/[gentoo]/xml/htdocs/proj/en/glep/glep-0059.txt
Gentoo

Diff of /xml/htdocs/proj/en/glep/glep-0059.txt

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

Revision 1.6 Revision 1.7
1GLEP: 59 1GLEP: 59
2Title: Manifest2 hash policies and security implications 2Title: Manifest2 hash policies and security implications
3Version: $Revision: 1.6 $ 3Version: $Revision: 1.7 $
4Last-Modified: $Date: 2010/01/31 09:55:43 $ 4Last-Modified: $Date: 2010/02/02 05:49:27 $
5Author: Robin Hugh Johnson <robbat2@gentoo.org>, 5Author: Robin Hugh Johnson <robbat2@gentoo.org>,
6Status: Draft 6Status: Draft
7Type: Standards Track 7Type: Standards Track
8Content-Type: text/x-rst 8Content-Type: text/x-rst
9Requires: 44 9Requires: 44
103As soon as feasible, we should add the SHA512 and WHIRLPOOL algorithms. 103As soon as feasible, we should add the SHA512 and WHIRLPOOL algorithms.
104In future, as stream-based checksums are developed (in response to the 104In future, as stream-based checksums are developed (in response to the
105development by NIST [AHS]), they should be considered and used. 105development by NIST [AHS]), they should be considered and used.
106 106
107The SHA512 algorithm is available in Python 2.5, which has been a 107The SHA512 algorithm is available in Python 2.5, which has been a
108dependency of Portage since approximately Python 2.1.6.13. 108dependency of Portage since approximately Portage 2.1.6.13.
109 109
110The WHIRLPOOL checksum is not available within the PyCrypto library or 110The WHIRLPOOL checksum is not available within the PyCrypto library or
111hashlib that is part of Python 2.5, but there are multiple alternative 111hashlib that is part of Python 2.5, but there are multiple alternative
112Python implementations available, ranging from pure Python to C-based 112Python implementations available, ranging from pure Python to C-based
113(python-mhash). 113(python-mhash).
132 132
133Backwards Compatibility 133Backwards Compatibility
134======================= 134=======================
135Old versions of Portage may support and expect only specific checksums. 135Old versions of Portage may support and expect only specific checksums.
136This is accounted for in the checksum depreciation discussion. 136This is accounted for in the checksum depreciation discussion.
137
138For maximum compatiability, we should only have to include each of the
139old algorithms that we are officially still supporting, as well as the
140new ones that we prefer.
137 141
138References 142References
139========== 143==========
140 144
141[AHS] NIST (2007). "NIST's Plan for New Cryptographic Hash Functions", 145[AHS] NIST (2007). "NIST's Plan for New Cryptographic Hash Functions",

Legend:
Removed from v.1.6  
changed lines
  Added in v.1.7

  ViewVC Help
Powered by ViewVC 1.1.20