From: Jonathan Nieder <jrnieder@gmail.com>
To: Johannes Schindelin <Johannes.Schindelin@gmx.de>
Cc: "Stefan Beller" <sbeller@google.com>,
"Junio C Hamano" <gitster@pobox.com>,
"Phillip Wood" <phillip.wood@dunelm.org.uk>,
"git@vger.kernel.org" <git@vger.kernel.org>,
"Ævar Arnfjörð Bjarmason" <avarab@gmail.com>
Subject: Re: pushing for a new hash, was Re: [PATCH 2/3] rebase: Add tests for console output
Date: Tue, 6 Jun 2017 15:45:24 -0700
Message-ID: <20170606224524.GC21733@aiede.mtv.corp.google.com>
In-Reply-To: <alpine.DEB.2.21.1.1706070008440.171564@virtualbox>

Hi,

Johannes Schindelin wrote:
> On Fri, 2 Jun 2017, Jonathan Nieder wrote:
>> Johannes Schindelin wrote:

>>> Maybe we should call out a specific month (or even a longer period) during
>>> which we try to push toward that new hash function, and focus more on
>>> those tasks (and on critical bug fixes, if any) than anything else.
>>
>> Thanks for offering. ;-)
>
> Undoubtedly my lack of command of the English language is to blame for
> this misunderstanding.
>
> By no means did I try to indicate that I am ready to accept the
> responsibility of working toward a new hash dumped on me.

It was a joke. More seriously, I do appreciate your questions to get
this discussion going.

[...]
> 3) the only person who could make that call is Junio

I strongly disagree with this.

> 4) we still have the problem that there is no cryptography expert among
> those who in the Git project are listened to

*shrug* I still don't know what you are suggesting here. Are you
saying we should find a cryptography expert to pay? Or do you have
other specific suggestions of how to attract them?

>> How did you get the impression that their opinion had no impact? We have
>> been getting feedback about the choice of hash function both on and off
>> list from a variety of people, some indisputably security experts.
>> Sometimes the best one can do is to just listen.
>
> I did get the impression by talking at length to a cryptography expert who
> successfully resisted any suggestions to get involved in the Git mailing
> list.

I know of other potential Git contributors that have resisted getting
involved in the Git mailing list, too. I still don't know what you
are suggesting here. Forgive me for being dense.

> There were also accounts floating around on Twitter that a certain
> cryptography expert who dared to mention already back in 2005 how
> dangerous it would be to hardcode SHA-1 into Git was essentially shown the
> finger, and I cannot fault him for essentially saying "I told you so"
> publicly.

I think there is a concrete suggestion embedded here: when discussions
go in an unproductive direction, my usual practice has been to keep
away from them. This means that to a casual observer there can appear
to be a consensus that doesn't really exist. We need to do better
than that: when a prominent contributor like Linus and people newer to
the project are emphatically dismissing the security impact of using a
broken hash function, others in the project need to speak up to make
it clear that those are not the actual opinions of the project.

To put it another way: "The standard you walk past is the standard you
accept". I have failed at this.

It is a very hard problem to solve, but it is worth solving.

> In my mind, it would have made sense to ask well-respected cryptographers
> about their opinions and then try to figure out a consensus among them (as
> opposed to what I saw so far, a lot of enthusiastic talk by developers with
> little standing in the cryptography community, mostly revolving around
> hash size and speed as opposed to security). And then try to implement
> that consensus in Git. Given my recent success rate with SHA-1 related
> concerns, I am unfortunately not the person who can bring that about.
>
> But maybe you are.

I think you are being a bit dismissive of both the work done so far
and the value of your own work.

I am happy to solicit more input from security researchers, though,
and your suggestion to do so is good advice.

Thanks and hope that helps,
Jonathan