Revert "Stop accepting certificates signed using SHA1 at security level 1"

This reverts commit 68436f0a8964e911eb4f864bc8b31d7ca4d29585. The OMC did not vote in favour of backporting this to 1.1.1, so this change should be reverted. Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11282)
author: Matt Caswell <matt@openssl.org> 2020-03-09 09:05:27 +0000
committer: Matt Caswell <matt@openssl.org> 2020-03-11 14:56:05 +0000
commit: 63fa6f2e4ba7641fd5f10c70eaa0c3a4b42e124c (patch)
tree: cc72e2f7ac427de5ec93dfbad01b6a051721f814 /NEWS
parent: 004f570821b1a92cbb733d8e03b54223231bfac3 (diff)
download: openssl-new-63fa6f2e4ba7641fd5f10c70eaa0c3a4b42e124c.tar.gz
1 files changed, 1 insertions, 4 deletions
diff --git a/NEWS b/NEWS
index 11840cf05b..4af390505d 100644
--- a/NEWS
+++ b/NEWS
@@ -7,10 +7,7 @@
 
   Major changes between OpenSSL 1.1.1d and OpenSSL 1.1.1e [under development]
 
-      o X509 certificates signed using SHA1 are no longer allowed at security
-        level 1 or higher. The default security level for TLS is 1, so
-        certificates signed using SHA1 are by default no longer trusted to
-        authenticate servers or clients.
+      o
 
   Major changes between OpenSSL 1.1.1c and OpenSSL 1.1.1d [10 Sep 2019]
author	Matt Caswell <matt@openssl.org>	2020-03-09 09:05:27 +0000
committer	Matt Caswell <matt@openssl.org>	2020-03-11 14:56:05 +0000
commit	63fa6f2e4ba7641fd5f10c70eaa0c3a4b42e124c (patch)
tree	cc72e2f7ac427de5ec93dfbad01b6a051721f814 /NEWS
parent	004f570821b1a92cbb733d8e03b54223231bfac3 (diff)
download	openssl-new-63fa6f2e4ba7641fd5f10c70eaa0c3a4b42e124c.tar.gz