Hello, Debian stretch 09 will probably get its last gnutls update before reaching EOL.
We are pondering whether we should follow Ubuntu's example (USN-4233-1 / USN-4233-2) and stop trusting signatures using SHA-1 by default and adding supprt for %VERIFY_ALLOW_BROKEN and %VERIFY_ALLOW_SIGN_WITH_SHA1 priority strings. We currently tend to do so, what would appreciate a second opinion from GnuTLS upstream. cu Andreas -- `What a good friend you are to him, Dr. Maturin. His other friends are so grateful to you.' `I sew his ears on from time to time, sure' _______________________________________________ Gnutls-help mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnutls-help
