Skip to content

Add hash algorithm transition plan #76

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
lukpueh wants to merge 1 commit into from
Closed

Add hash algorithm transition plan #76

lukpueh wants to merge 1 commit into from

Conversation

@lukpueh
Copy link
Member

@lukpueh lukpueh commented Nov 28, 2019

Picks up discussion from #68

Add subsection to section "Managing Future Changes to the Update Process" that explains how to transition from an old (weak) to a new (stronger) hashing algorithm without disrupting client workflows.

@lukpueh lukpueh mentioned this pull request Nov 28, 2019
Closed
joshuagl
joshuagl reviewed Nov 28, 2019
View reviewed changes
Copy link

@joshuagl joshuagl left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks solid. Only one minor comment/suggestion.

brainwane
brainwane suggested changes Dec 1, 2019
View reviewed changes
Copy link

@brainwane brainwane left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

1 tiny typofix -- otherwise looks good to me.

pep-0458.txt Outdated
However, once support for an old algorithm is turned off, clients that don't
support the new algorithm will only be able to install or update packages,
including the client itself, by disabling TUF verification. To allow clients to
transition without temporarily loosing TUF security guarantees, we recommend
Copy link

@brainwane brainwane Dec 1, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should be "losing", not "loosing"

Copy link
Member Author

@lukpueh lukpueh Dec 2, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Well spotted. Thanks! Fixed and force-pushed.

@lukpueh lukpueh force-pushed the hash-algo-transition branch from d9bfddd to 8872dfd Compare December 2, 2019 12:19
@lukpueh
Copy link
Member Author

lukpueh commented Dec 3, 2019

Now that python#1203 is merged, we can't piggyback into upstream on the 1st-draft branch anymore. Should I just re-open the PR on https://github.com/python/peps?

@trishankatdatadog, did you still want to leave a comment about referencing the newly added section somewhere else in the pep?

trishankatdatadog
trishankatdatadog suggested changes Dec 3, 2019
View reviewed changes
Copy link

@trishankatdatadog trishankatdatadog left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks, @lukpueh. Please address these few concerns, and let's open a new PR on upstream, please.

pep-0458.txt Outdated

1. Implement new algorithm in Warehouse.

2. Re-generate existing TUF metadata to include both old and new algorithm
Copy link

@trishankatdatadog trishankatdatadog Dec 3, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would rewrite this sentence to say something like: "Regenerate existing, unexpired to include hashes using both the old and new algorithms. All new metadata going forward shall list both hash algorithms."

pep-0458.txt Outdated
metadata needs to be renewed, that is *bin-n*, *snapshot* and *timestamp*.
Thus, only online keys are required to sign renewed metadata.

3. Announce transition on high-visibility channels.
Copy link

@trishankatdatadog trishankatdatadog Dec 3, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Such as? The Python Discourse?

PEP 458: add hash algorithm transition plan
47e0ced 
Add subsection to section "Managing Future Changes to the Update
Process" that explains how to transition from an old (weak) to a
new (stronger) hashing algorithm without disrupting client
workflows.
@lukpueh lukpueh force-pushed the hash-algo-transition branch from 8872dfd to 47e0ced Compare December 11, 2019 11:24
@lukpueh
Copy link
Member Author

lukpueh commented Dec 11, 2019

Thanks for the suggestions, @trishankatdatadog, I amended my last commit to integrate them and will open a new PR to upstream.

@lukpueh
Copy link
Member Author

lukpueh commented Dec 11, 2019

Superseded by python#1253. Closing here.

@lukpueh lukpueh closed this Dec 11, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

3 more reviewers

@joshuagl joshuagl joshuagl left review comments

@brainwane brainwane brainwane requested changes

@trishankatdatadog trishankatdatadog trishankatdatadog requested changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@lukpueh @brainwane @joshuagl @trishankatdatadog