On Sun, May 10, 2009 at 6:19 AM, Tony Hansen <tony(_at_)att(_dot_)com> wrote:
I'm not sure we can downgrade verifier support for sha1. However, I
definitely agree that we could downgrade signing support for sha1.
I dont see verifier support for sha-1 going away for quite a while due
to legacy installations. Downgrading or entirely removing (except if
a flag is explicitly set, say) SHA-1 signing is certainly an option.
Suresh Ramasubramanian (ops(_dot_)lists(_at_)gmail(_dot_)com)
NOTE WELL: This list operates according to