default signing algorithms should not use SHA1

Open rhoerbe opened this issue 9 years ago • 3 comments

How to change digest and signature to SHA-2?

May 31 '16 19:05 rhoerbe

perhaps you are right - in the meantime, checkout the documentation for xmlsec.Config: https://github.com/leifj/pyXMLSecurity/blob/master/src/xmlsec/init.py#L25 for info on how to change the default via pyconfig

Jun 01 '16 20:06 leifj

Lets keep this open until we figure out a clean transition path to default-sha2

Jun 01 '16 20:06 leifj

How about making a new major version? It seems a lot of issues and pull requests have been piling up in this project, and perhaps the way to get back to the surface is with a new major version.

Jun 07 '18 08:06 fredrikt