© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
bbfa235
(Get the code!)
While this might initially seem like prematurely early to end support for SHA-1, it's the tail end of 16.04 LTS's support window that worries me -- I suspect SHA-1 will feel less safe by 2021, but removing support for it in an LTS release feels like the wrong approach.
We may also wish to consider what the server accepts and what the client accepts separately if there's some class of devices that force using SHA-1 in the meantime.
Thanks