Is support for SHA-256 and Blake-3 right?

darobin / dasl.ing

DASL — Data-Addressed Structures & Links

https://dasl.ing/

Apache License 2.0

0 stars 2 forks source link

Is support for SHA-256 and Blake-3 right? #1

Open darobin opened 4 days ago

darobin commented 4 days ago

Blake-3 is very useful for streaming verification of large files, but at the same time it's not supported in the browser, which makes it heavy to include.

bnewbold commented 4 days ago

FWIW, for atproto we are a bit split on it. on the one hand we'd like to use it for larger media files (videos) at some point. on the other hand, it tends to have performance-sensitive implementation and ends up pulling in deps and longer builds, even in non-Javascript languages. so being able to not use it until we actually need it would be nice.

(this is my informal take, not an official/formal bsky team consensus)

darobin commented 3 days ago

That's good to hear because I think it reflects conversations happening elsewhere. I'm sort of landing on "we support B3 but implementations should default to SHA and people shouldn't use it unless they have a good reason." It's ungainly, but then again this_is_standards.gif.

bumblefudge commented 3 days ago

SHA2-256 or SHA3-256? something something length-extension attacks (in the case of the former). but the latter is much less common, so I assume you mean SHA2-256. is it worth writing it out as SHA2-256 in the spec?