mbedtls/ChangeLog.d/remove_default_alllow_sha1.txt

Removals
   * Remove config option MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES,
     which allowed SHA-1 in the default TLS configuration for certificate
     signing. It was intended to facilitate the transition in environments
     with SHA-1 certificates. SHA-1 is considered a weak message digest and
     its use constitutes a security risk.

Changes
   * Set config option MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE to be
     disabled by default.
Remove MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES option. Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com> 2021-08-27 14:34:22 +02:00			`Removals`
			`* Remove config option MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES,`
			`which allowed SHA-1 in the default TLS configuration for certificate`
			`signing. It was intended to facilitate the transition in environments`
			`with SHA-1 certificates. SHA-1 is considered a weak message digest and`
			`its use constitutes a security risk.`
Disable MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE in default config. Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com> 2021-08-27 15:36:47 +02:00
			`Changes`
			`* Set config option MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_KEY_EXCHANGE to be`
			`disabled by default.`