Comment 20 for bug 1558331

I dont think this is a bug. The wording says what the issue is. The Key used is only sha1 which is considered too weak. The ones using that old Keys should fix their repos and make proper signing.