New implementation: do we need a separate DEFAULT_HASH_ALGORITHM config option in TUF? #1613
Labels
backlog
Issues to address with priority for current development goals
discussion
Discussions related to the design, implementation and operation of the project
repository
Related to the repository implementation
Comments
MVrachev
added
discussion
3 tasks
jku
added
repository
|
I see no need for this. Either we remove the one use of DEFAULT_HASH_ALGORITHM (and force repository implementation to specify algorithms when creating a new TargetFile) or we continue trusting Securesystemslib to handle our crypto stuff. |
|
I'm closing: if there are differing opinions (vs the previous comment) feel free to re-open |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Description of issue or feature request:
In Securesystemslib there is the
securesystemslib.hash. DEFAULT_HASH_ALGORITHMconfiguration option which now is set to "sha256".The question is whether we need an option like this in TUF rather than relying on Securesystemslib?
If
securesystemslib.hash. DEFAULT_HASH_ALGORITHMis changed tomorrow how would this affect us?Current behavior:
Relly on
securesystemslib.hash. DEFAULT_HASH_ALGORITHMconfig option.Expected behavior:
To be decided.
Based on Joshua Lock's comment #1605 (comment).
The text was updated successfully, but these errors were encountered: