Ban SHA1 from being used for crypto purposes by default
Given the first found collision for SHA1, it is time to start removing the algorithm from the secure set of hashes.
There are separate efforts for the other supported branches of gnutls:
-
SHA1 is disabled for certificate verification in gnutls 3.5.x branch -
SHA1 is disabled for certificate verification in gnutls 3.3.x branch
Note that all the above refer to SHA1 combined with a digital signature algorithm (e.g., RSA-SHA1, or ECDSA-SHA1). Other uses of SHA1 are not covered
Edited by Nikos Mavrogiannopoulos