Doesn’t this mean anyone can downgrade a blob to an attackable hash function? That’s a flaw that has come up multiple times over the years in multiple protocols that allowed things like hash functions to be specified in the payload.
Not on its own, though you could use a library like this to build such a system.
This kind of thing is extremely useful in practice for incrementally upgrading from a hash that’s no longer good enough, provided you don’t keep compatibility around indefinitely
The table is just an exhaustive in-order list with no organization, and various types of “things” interleaved. ISO OIDs can get silly, sure, but I think you want some sort of organization here, with a separate namespace for hashes, otherwise you’re just living out the xkcd “standards” joke.
I always use multibase encoded multihashes for any new project using hashes
Yes, I started to do this too now.
Doesn’t this mean anyone can downgrade a blob to an attackable hash function? That’s a flaw that has come up multiple times over the years in multiple protocols that allowed things like hash functions to be specified in the payload.
Not on its own, though you could use a library like this to build such a system.
This kind of thing is extremely useful in practice for incrementally upgrading from a hash that’s no longer good enough, provided you don’t keep compatibility around indefinitely
The table is just an exhaustive in-order list with no organization, and various types of “things” interleaved. ISO OIDs can get silly, sure, but I think you want some sort of organization here, with a separate namespace for hashes, otherwise you’re just living out the xkcd “standards” joke.
For anyone looking for a good Python implementation, I recently discovered https://github.com/hashberg-io/multiformats and couldn’t be happier.