From 7a237b7a0319e9d657eb7ae3424ccb0a5d23c54f Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sat, 25 Feb 2017 15:00:22 -0400 Subject: move thoughts --- doc/todo/sha1_collision_embedding_in_git-annex_keys.mdwn | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/doc/todo/sha1_collision_embedding_in_git-annex_keys.mdwn b/doc/todo/sha1_collision_embedding_in_git-annex_keys.mdwn index c9b702492..5e33c5009 100644 --- a/doc/todo/sha1_collision_embedding_in_git-annex_keys.mdwn +++ b/doc/todo/sha1_collision_embedding_in_git-annex_keys.mdwn @@ -86,11 +86,15 @@ Or, we can document this gotcha. > > > > Could a repository be configured to either always disallow > > SHA1/URL/WORM, or always allow them, and then not let that be changed? -> > Yes -- Look through all the history of the git-annex branch from the +> > Maybe -- Look through all the history of the git-annex branch from the > > earliest commit forward. The first value stored in > > git-annex/disableinsecurehashes (eg 0 or 1) is the value to use; > > any later changes are ignored. > > That would be a little slow, but only needs to be done at init time. +> > It might be possible to fool this though. Create a new empty branch, +> > with an old date, make a commit enabling insecure hashes, and +> > merge it into git-annex branch HEAD. It now looks as if insecure hashes +> > were disabled earliest. ---- -- cgit v1.2.3