Implementations should allow locking hashes

[jbenet]

Multihash already allows users to give their own multihash table, and thus they can already "lock" the library to only accept a set of them. But perhaps this isn't messaged very clearly.

Multihash implementations should allow locking to a certain set of hashes, and make this very clear for developers so that they do it. Otherwise -- in some kinds of applications that accept things from the wire and just check for self-consistent validity -- people may be able to force weak/non-crypto hashes.

We should recommend that implementations have something like:

multihash.Configure(multihash.Config{
  Hashes: map[string]int{ // int is minimum size allowed.
    "sha2-256":    224
    "sha2-512":    224,
    "sha3-512":    224,
    "sha3-224":    224,
    "sha3-256":    224,
    "sha3-384":    224,
    "sha3-512":    224,
    "blake2b-256": 256,
    "blake2b-512": 256,
})

Or could even take a set of ranges

[jbenet]

TODO:

• figure out a good common interface that allows config through:
  • constructing table programmatically (as above, easiest)
  • loading different table from a serialized format
• message this better in the readme
• file issues in current impls to do this