> I think you missed the point ... git and journald can happily use SHA-1
> because it adds no security at all
Er, I think perhaps it is you who is missing the point. TFA says:
> Each entry authenticates all previous ones. If the top-most hash is
> regularly saved to a secure write-only location, the full chain is
> authenticated by it. Manipulations by the attacker can hence easily be
The point is to get security, not to "happily use SHA-1."