#829 release note request: SHA-1 signature deprecation
Closed 2 years ago by pbokoc. Opened 2 years ago by asosedkin.

Since F36 System-wide Change is too late to warn people of upcoming,
https://fedoraproject.org/wiki/Changes/StrongCryptoSettings3
Ben Cotton has told me to request a release note entry instead.
Here's a message I'd like to convey:

As the next installment of our periodic tightening of cryptographic defaults,
we're intending to bringing several changes to Fedora 39, most notably distrusting SHA-1 signatures.
The change has the potential to be significantly disruptive,
so we would like to urge users and package maintainers to test their software
by either previewing upcoming restrictive cryptographic policies
or passively logging the offending applications and workflows
starting from Fedora 36.
Please refer to https://fedoraproject.org/wiki/Changes/StrongCryptoSettings3 and https://fedoraproject.org/wiki/SHA1SignaturesGuidance for more details on the plan and specific steps to take.


Metadata Update from @bcotton:
- Issue set to the milestone: F36

2 years ago

Metadata Update from @bcotton:
- Issue assigned to bcotton

2 years ago

I added this in #832. I'm open to an argument that this should be in another section, but this seemed like the best fit. Thoughts, @pbokoc?

Yeah, I think it's fine in Security. Merged, thanks!

Metadata Update from @pbokoc:
- Issue status updated to: Closed (was: Open)

2 years ago

Log in to comment on this ticket.

Metadata
Related Pull Requests
  • #832 Merged 2 years ago