From owner-freebsd-current@freebsd.org Wed Dec 30 05:55:33 2020 Return-Path: Delivered-To: freebsd-current@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 0837E4D7741 for ; Wed, 30 Dec 2020 05:55:33 +0000 (UTC) (envelope-from grarpamp@gmail.com) Received: from mail-ed1-x52c.google.com (mail-ed1-x52c.google.com [IPv6:2a00:1450:4864:20::52c]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4D5L9b55Vqz4g0V for ; Wed, 30 Dec 2020 05:55:31 +0000 (UTC) (envelope-from grarpamp@gmail.com) Received: by mail-ed1-x52c.google.com with SMTP id i24so14465007edj.8 for ; Tue, 29 Dec 2020 21:55:31 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to; bh=LvkJTYaI/KWbulIRlqTPG9MOTa3HiwkaWrTwvO1+ijg=; b=RX+Qv0gfxBzKEe/SMwAm4VuiTQVBipjYun+MonRNBJ2ZU6VmcNsGvQG/2AO+XWLD7w RV95j1AMJuYXNRF41ddxb2zVTig+fuHzfoSUziZD1zeK5mf/6vcdwjVpV4FSkop4g30i /1ZluEBfVEISXY9Tpd6BetQVQrvmQgcTnYBQrPSdP8Z7c1y4jD5fp2Zi4BzCWgKYDeuL CmpvGxAZmzsDF3lup4pm1y3MYEcCW1DcRswZvs4v7RV5GEc1ig1SNSVfmLw0XLBTwJPy XLNdrKbc4UVnePzAOutWwLhfTNdO0XB4+05g+CydAdTkvVL/6tjanH/mgRcyFzIeOD8x Eydw== X-Gm-Message-State: AOAM531VSa1/9U9P87yZdrMoOVx5l+ISHSvjpEWP3Y+6xu4sfaa3qQ36 gMv9bVq+EuJnes9F9MPisrPBqylamkN2nRGQL2hbqReWdV9Hgg== X-Google-Smtp-Source: ABdhPJyTqD/VBMxhLMXkm+acav3NBlqo8govqEw+5PttFNvwfGYKJExwLKtTBL0Y2d2kXT2ARCV31kVoqvQei9fbbPw= X-Received: by 2002:a05:6402:7d7:: with SMTP id u23mr48380184edy.325.1609307729641; Tue, 29 Dec 2020 21:55:29 -0800 (PST) MIME-Version: 1.0 Received: by 2002:a54:3d8d:0:0:0:0:0 with HTTP; Tue, 29 Dec 2020 21:55:29 -0800 (PST) In-Reply-To: <20201230004620.GB31099@funkthat.com> References: <5fdc0b90.1c69fb81.866eb.8c29SMTPIN_ADDED_MISSING@mx.google.com> <20201218175241.GA72552@spindle.one-eyed-alien.net> <20201218182820.1P0tK%steffen@sdaoden.eu> <20201223023242.GG31099@funkthat.com> <20201223162417.v7Ce6%steffen@sdaoden.eu> <20201229011939.GU31099@funkthat.com> <20201229210454.Lh4y_%steffen@sdaoden.eu> <20201230004620.GB31099@funkthat.com> From: grarpamp Date: Wed, 30 Dec 2020 00:55:29 -0500 Message-ID: Subject: Re: HEADS UP: FreeBSD src repo transitioning to git this weekend To: freebsd-current@freebsd.org Content-Type: text/plain; charset="UTF-8" X-Rspamd-Queue-Id: 4D5L9b55Vqz4g0V X-Spamd-Bar: ---- X-Spamd-Result: default: False [-4.00 / 15.00]; FREEMAIL_FROM(0.00)[gmail.com]; R_SPF_ALLOW(-0.20)[+ip6:2a00:1450:4000::/36]; TO_DN_NONE(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; NEURAL_HAM_SHORT(-1.00)[-1.000]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; RBL_DBL_DONT_QUERY_IPS(0.00)[2a00:1450:4864:20::52c:from]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-current@freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; SPAMHAUS_ZRD(0.00)[2a00:1450:4864:20::52c:from:127.0.2.255]; RCVD_IN_DNSWL_NONE(0.00)[2a00:1450:4864:20::52c:from]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-current] X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 30 Dec 2020 05:55:33 -0000 >> SHA-256 arrives, if you look at the git history. > git's SHA-256 [...] requiring a super new git version to even test it out. It's "in" current release 2.30.0 and before, duly caveated as experimental and not fully featured yet... git-init(1) --object-format= Specify the given object format (hash algorithm) for the repository. The valid values are sha1 and (if enabled) sha256. sha1 is the default. > continue to test how well it works and monitor the > ecosystem for a transition in a few years when it is robust.. Sure, though perhaps freebsd may then find to enjoy a more middle lead, ahead than the rather later move of svn->git, and being already git it will be far less work. There should be some freebsd press release when the current git deploy is all done, as new people from outside will like to know last big OS is on git and then use it more too. > signatures of the magnet links Signing torrent.asc, with stronger or even same hash as BT protocol, still serve purpose of authenticate torrent file back to a signer to the degree therein, caveat their platform security, caveat sha-1 inside torrent still being abuseable by third party, caveat etc. With no torrent.asc there is nothing directly saying the torrent file / infohash itself went through freebsd project. Whether torrent or git or else, there can be useable scope and case for such "stronger over weaker" constructions. gpg offers better hash algos than sha-1 these days, all users should look into configuring and using it, same goes for abandoning the old [a]symmetric algos and weaker keys, made with old weak /dev/random, etc. One cannot sign or verify anything without knowing gpg first :) And even port called "age" is of simple utility too.