Proposal: "Recommended" badges

[tarcieri]

Edit: this is in-progress. See the following tracking issues:

• AEADs: Recommended AEAD algorithms AEADs#272
• Hashes: Recommended hash algorithms hashes#232
• Password hashes: Recommended password hashing algorithms password-hashes#133

---

We have a few open issues about algorithm guidance, such as RustCrypto/password-hashes#48

While we have some precedent for this, such as the "Security" rubric here:

https://github.com/rustcrypto/hashes#supported-algorithms

...we don't have a consistent way of communicating this information across all repos/crates, which I think would be helpful.

I'd like to propose adding a "recommended" badge to each crate which uses the following rubric and links back to documentation (similar to HAZMAT.md) about what the badge means.

Recommended: Yes

Preferred modern algorithms we suggest people embrace in new projects.

Recommended: Neutral

Algorithms which are still considered secure, but are obscure, uncommonly used, and/or poorly-analyzed.

Recommended: No!

Algorithms which are known to be cryptographically broken and should only be used because legacy interop requires it.

[newpavlov]

Sounds good! But I fear our choices could be controversial. For example, should we use the green badge for argon2 (assuming we had it in this organization), even though some argue that it's worse than scrypt on runtimes smaller than ~1s? What about pbkdf2? Compared to modern alternatives it is weaker to ASIC and GPU based attacks, but using the red badge looks like an overkill and it does not fall under the definition of the grey badge as well.

Also I think the danger sign on such small fonts is not distinguishable enough (and it's with 4K display). so it's probably better to remove it.

[tarcieri]

For password hashes, I'd say:

• Argon2: recommended
• scrypt: recommended
• PBKDF2: neutral

I think hashing out the specific recommendations will need a per-repo issue at least with some discussion.

If specific recommendations wind up being too controversial, we can always change them!

[tarcieri]

Also I think the danger sign on such small fonts is not distinguishable enough (and it's with 4K display). so it's probably better to remove it.

How about just an exclamation point instead:

[newpavlov]

Yeah, the exclamation looks good.

[tarcieri]

I opened up tracking issues on some of our repos to begin initial discussion. I've linked them from the toplevel description.