The relevant change is SHA1 in openssl3 https://github.com/openssl/openssl/commit/aba03ae571ea677fc484daef00a21ca8f7e82708 SHA1 is, contrary to what someone would expect given that the documentation says:
Level 4
Security level set to 192 bits of security. As a result RSA, DSA and DH keys shorter than 7680 bits and ECC keys shorter than 384 bits are prohibited. Cipher suites using SHA1 for the MAC are prohibited. TLS versions below 1.2 are not permitted.
The relevant change is SHA1 in openssl3 /github. com/openssl/ openssl/ commit/ aba03ae571ea677 fc484daef00a21c a8f7e82708
https:/
SHA1 is, contrary to what someone would expect given that the documentation says:
Level 4
Security level set to 192 bits of security. As a result RSA, DSA and
DH keys shorter than 7680 bits and ECC keys shorter than 384 bits are
prohibited. Cipher suites using SHA1 for the MAC are prohibited. TLS
versions below 1.2 are not permitted.