Debian SHA-1 deprecation

To: debian-security@lists.debian.org
Subject: Debian SHA-1 deprecation
From: Daniel Pocock <daniel@pocock.pro>
Date: Wed, 18 May 2016 15:20:24 +0200
Message-id: <[🔎] 573C6C18.7080805@pocock.pro>


Can anybody comment on how Debian users will be impacted by SHA-1
deprecation?

In particular:

- will libraries like OpenSSL and GnuTLS continue to support it in
stretch and beyond?

- will web servers like Apache support it in server certificates or
certificate chains?

- will web servers and other applications accept client certificates
containing SHA-1 hashes?

- if support for SHA-1 is being removed or disabled by default, will it
also be disabled in security updates to jessie and wheezy LTS?

Reply to:

Follow-Ups:
- Re: Debian SHA-1 deprecation
  - From: Elmar Stellnberger <estellnb@gmail.com>
- Re: Debian SHA-1 deprecation
  - From: Paul Wise <pabs@debian.org>

Prev by Date: Re: Will Packaging BoringSSL Bring Any Trouble to the Security Team?
Next by Date: Problems in https://www.debian.org/doc/manuals/securing-debian-howto
Previous by thread: Re: Jessie unable to install DEB
Next by thread: Re: Debian SHA-1 deprecation
Index(es):
- Date
- Thread