Ian Jackson writes ("Re: Bug#1126793: dgit: autopkgtest regression: SHA1 is not
considered secure since 2026-02-01T00:00:00Z [and 1 more messages]"):
> Simon McVittie writes ("Bug#1126793: dgit: autopkgtest regression: SHA1 is
> not considered secure since 2026-02-01T00:00:00Z"):
> > See the apt (2.9.19) debian/NEWS entry for more details. It might be
> > possible to override this with a suitable value for
> > $APT_SEQUOIA_CRYPTO_POLICY, but regenerating the test keys (or at least
> > updating their self-signatures) is probably easier.
>
> We might do this because we want the same code to work as far back as
> we can. (But I guess even quite old gnupg in Debian supports SHA256
> here.)
In fact I am going to do this *right now* because this terrible
decision to have a time-based deprecation is suddenly blocking my
work.
Ian.
--
Ian Jackson <[email protected]> These opinions are my own.
Pronouns: they/he. If I emailed you from @fyvzl.net or @evade.org.uk,
that is a private address which bypasses my fierce spamfilter.
