mirrors/git-annex
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity Actions

implement isCryptographicallySecureKey for VURL

Browse source 
Considerable difficulty to work around an import cycle. Had to move the
list of backends (except for VURL) to Backend.Variety to VURL could use
it.

Sponsored-by: Kevin Mueller on Patreon
This commit is contained in:
Joey Hess 2024-02-29 17:21:29 -04:00
parent e7b7ea78af
commit cc17ac423b
No known key found for this signature in database
GPG key ID: DB12DB0FF05F8F38
16 changed files with 143 additions and 64 deletions
Download patch file Download diff file Expand all files Collapse all files

4
doc/todo/verified_relaxed_urls.mdwn
View file

@ -85,8 +85,8 @@ cryptographically secure hashes were recorded for a VURL. But of course,
which hashes are considered secure can change. Still, let's start by
only allowing currently secure hashes to be used for VURLs. This way,
when there are multiple hashes recorded for a VURL, they will all be
cryptographically secure, and so the VURL can have
`isCryptographicallySecure = True`. If any of the hashes later becomes
cryptographically secure normally, and so the VURL can be considered
cryptographically secure itself. If any of the hashes later becomes
broken, the VURL will no longer be treated as cryptographically secure,
because the broken hash can be used to verify its content.
In that case, the user would probably just migrate to a hash-based key,