making the logs temper evident through git like hash chains
Posted Nov 19, 2011 4:40 UTC (Sat) by nevyn
In reply to: making the logs temper evident through git like hash chains
Parent article: The Journal - a proposed syslog replacement
From: blog.valerieaurora.org talking about CAS and compare by hash...
Finally, in a vain attempt to forestall the inevitable flame wars, I will point out that my objections do not apply to systems in which the hash address space is shared only with trusted users. In other words, hash-based source control is for the most part fine sticking with SHA-1 and could indeed use a cheaper hash like MD5 without any practical trouble
From: kernel trap git archive
on the first discussion about git only using sha1, Linus explains:
As I explained early on [...], the _security_ of git actually depends
on not cryptographic hashes, but simply on everybody being able to secure
their own _private_ repository.
Then there was another discussion
, where other people said the same things.
Git's use of hashes as a CAS doesn't make it secure, doing the same thing for log file lines will not make them secure/trustable/whatever either.
to post comments)