new hashes (SHA512, SHA3) in apt metadata and .changes files?

To: debian-devel@lists.debian.org
Subject: new hashes (SHA512, SHA3) in apt metadata and .changes files?
From: Paul Wise <pabs@debian.org>
Date: Fri, 2 Aug 2013 14:52:33 +0200
Message-id: <[🔎] CAKTje6GFBVBjmCECH_j3gwPBOkoBju261V2CrgzZ5dag+9e61w@mail.gmail.com>

I noted[1] that some derivatives have introduced SHA512 into their
Release files (and probably Packages/etc). I was wondering if it is
time to drop or deprecate MD5 from the apt metadata and replace it
with SHA512 and or SHA-3. Thoughts?

If so, here is the list of software that probably needs updating:

dak
apt/apt-ftparchive
reprepro
launchpad
dpkg-dev
devscripts
derivatives census

Side note; is there an SHA-3 shared library yet?

Side note; is SHA512 accepted/checked by apt in Release files yet? If
so it would be great if the spec at [2] could be updated for that.

1. http://dex.alioth.debian.org/census/*/check-package-list
2. https://wiki.debian.org/RepositoryFormat

-- 
bye,
pabs

http://wiki.debian.org/PaulWise

Reply to:

Follow-Ups:
- Re: new hashes (SHA512, SHA3) in apt metadata and .changes files?
  - From: Guillem Jover <guillem@debian.org>
- Re: new hashes (SHA512, SHA3) in apt metadata and .changes files?
  - From: David Kalnischkies <kalnischkies@gmail.com>
- Re: new hashes (SHA512, SHA3) in apt metadata and .changes files?
  - From: Ondřej Surý <ondrej@sury.org>

Prev by Date: ITP: skype4py, can somebody sponsor it for me?
Next by Date: Re: new hashes (SHA512, SHA3) in apt metadata and .changes files?
Previous by thread: ITP: skype4py, can somebody sponsor it for me?
Next by thread: Re: new hashes (SHA512, SHA3) in apt metadata and .changes files?
Index(es):
- Date
- Thread