added non-backward compatible flag change for v0.7 about sha1 certs

2025-03-03 12:19:31 -05:00 · 2025-01-10 22:47:46 +01:00 · 2025-01-10 22:47:46 +01:00 · e18bb74a5e
commit e18bb74a5e
parent b2d05d7d8e
1 changed files with 13 additions and 3 deletions
--- a/retroshare.pri
+++ b/retroshare.pri
@ -286,7 +286,7 @@ isEmpty(RS_THREAD_LIB):RS_THREAD_LIB = pthread
 #
 #  V07_NON_BACKWARD_COMPATIBLE_CHANGE_002:
 #
-#     What: Use RSA+SHA256 instead of RSA+SHA1 for PGP certificate signatures
+#     What: Use RSA+SHA256 instead of RSA+SHA1 for SSL certificates 
 #
 #     Why:  Sha1 is likely to be prone to primary collisions anytime soon, so it is urgent to turn to a more secure solution.
 #
@ -303,9 +303,19 @@ isEmpty(RS_THREAD_LIB):RS_THREAD_LIB = pthread
 #  V07_NON_BACKWARD_COMPATIBLE_CHANGE_004:
 #
 #    What: Do not probe that GXS tunnels accept fast items. Just assume they do.
+#
 #    Why:  Avoids sending probe packets
+#
 #    BackwardCompat: old RS before Mai 2019 will not be able to distant chat.
 #
+#  V07_NON_BACKWARD_COMPATIBLE_CHANGE_005:
+#
+#    What: Stop accepting certificates signed with sha1 algorithm
+#
+#    Why:  Sha1 has been declared insecure and shouldn't be used anymore. 
+#
+#    BackwardCompat: Retroshare profiles generated before Nov.2024 with openpgp-sdk may still use sha1
+#
 ###########################################################################################################################################################

 ###########################################################################################################################################################