From mboxrd@z Thu Jan  1 00:00:00 1970
From: Tom Widmer <tom.widmer@googlemail.com>
Subject: Re: About git and the use of SHA-1
Date: Tue, 29 Apr 2008 16:02:57 +0100
Message-ID: <fv7db2$5hi$1@ger.gmane.org>
References: <200804281829.11866.henrikau@orakel.ntnu.no>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
To: git@vger.kernel.org
X-From: git-owner@vger.kernel.org Tue Apr 29 17:12:42 2008
connect(): Connection refused
Return-path: <git-owner@vger.kernel.org>
Envelope-to: gcvg-git-2@gmane.org
Received: from vger.kernel.org ([209.132.176.167])
	by lo.gmane.org with esmtp (Exim 4.50)
	id 1JqrTr-0000a7-LW
	for gcvg-git-2@gmane.org; Tue, 29 Apr 2008 17:10:56 +0200
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1754560AbYD2PKH (ORCPT <rfc822;gcvg-git-2@m.gmane.org>);
	Tue, 29 Apr 2008 11:10:07 -0400
Received: (majordomo@vger.kernel.org) by vger.kernel.org id S1754866AbYD2PKG
	(ORCPT <rfc822;git-outgoing>); Tue, 29 Apr 2008 11:10:06 -0400
Received: from main.gmane.org ([80.91.229.2]:47426 "EHLO ciao.gmane.org"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1754418AbYD2PKF (ORCPT <rfc822;git@vger.kernel.org>);
	Tue, 29 Apr 2008 11:10:05 -0400
Received: from root by ciao.gmane.org with local (Exim 4.43)
	id 1JqrT0-000403-7u
	for git@vger.kernel.org; Tue, 29 Apr 2008 15:10:02 +0000
Received: from 82.109.240.196 ([82.109.240.196])
        by main.gmane.org with esmtp (Gmexim 0.1 (Debian))
        id 1AlnuQ-0007hv-00
        for <git@vger.kernel.org>; Tue, 29 Apr 2008 15:10:02 +0000
Received: from tom.widmer by 82.109.240.196 with local (Gmexim 0.1 (Debian))
        id 1AlnuQ-0007hv-00
        for <git@vger.kernel.org>; Tue, 29 Apr 2008 15:10:02 +0000
X-Injected-Via-Gmane: http://gmane.org/
X-Complaints-To: usenet@ger.gmane.org
X-Gmane-NNTP-Posting-Host: 82.109.240.196
User-Agent: Thunderbird 2.0.0.12 (Windows/20080213)
In-Reply-To: <200804281829.11866.henrikau@orakel.ntnu.no>
Sender: git-owner@vger.kernel.org
Precedence: bulk
List-ID: <git.vger.kernel.org>
X-Mailing-List: git@vger.kernel.org
Archived-At: <http://permalink.gmane.org/gmane.comp.version-control.git/80688>

Henrik Austad wrote:
> Hi list!
> 
> As far as I have gathered, the SHA-1-sum is used as a identifier for commits, 
> and that is the primary reason for using sha1.  However, several places 
> (including the google tech-talk featuring Linus himself) states that the id's 
> are cryptographically secure.
> 
> As discussed in [1], SHA-1 is not as secure as it once was (and this was in 
> 2005), and I'm wondering - are there any plans for migrating to another 
> hash-algorithm? I.e. SHA-2, whirlpool..
> 
> [1] http://www.schneier.com/blog/archives/2005/02/cryptanalysis_o.html

Why not wait until the results of:

are available. That will surely be soon enough.

Tom