Subject: About git and the use of SHA-1
Newsgroups: gmane.comp.version-control.git
Date: 2008-04-28 16:29:07 GMT (3 years, 40 weeks, 6 days, 13 hours and 39 minutes ago)
Hi list! As far as I have gathered, the SHA-1-sum is used as a identifier for commits, and that is the primary reason for using sha1. However, several places (including the google tech-talk featuring Linus himself) states that the id's are cryptographically secure. As discussed in [1], SHA-1 is not as secure as it once was (and this was in 2005), and I'm wondering - are there any plans for migrating to another hash-algorithm? I.e. SHA-2, whirlpool.. [1] http://www.schneier.com/blog/archives/2005/02/cryptanalysis_o.html -- mvh Henrik Austad