Comment 15 for bug 1174499

Add in another +1 for sha256 or above. There's really no reason to move to anything less than that. The "pain" is caused by the migration itself not the particular algorithm used. It's just as easy to move to sha256 (or higher) as it is sha1 and sha256+ have better safety margins.