Use SHA-2 (SHA-512) to store the certificate fingerprint instead of SHA-1

Because SHA-1 is not really relevant anymore. Too bad it's significantly longer and tiring to check, even if that is to be expected.
author: mathieui <mathieui@mathieui.net> 2014-10-08 12:55:22 +0200
committer: mathieui <mathieui@mathieui.net> 2014-10-08 12:55:22 +0200
commit: 8d2408c16943ca3c7beb70905690e3b1e24079b2 (patch)
tree: 578fcf3e1924b89bb73ea837b0d4e58adc7a80b3 /doc
parent: dc4f9cc35a180aff708c9693f6cef8ab992d0fa5 (diff)
download: poezio-8d2408c16943ca3c7beb70905690e3b1e24079b2.tar.gz
poezio-8d2408c16943ca3c7beb70905690e3b1e24079b2.tar.bz2
poezio-8d2408c16943ca3c7beb70905690e3b1e24079b2.tar.xz
poezio-8d2408c16943ca3c7beb70905690e3b1e24079b2.zip
1 files changed, 5 insertions, 2 deletions
diff --git a/doc/source/configuration.rst b/doc/source/configuration.rst
index b15d5140..419e1880 100644
--- a/doc/source/configuration.rst
+++ b/doc/source/configuration.rst
@@ -62,8 +62,11 @@ and certificate validation.
 
         **Default value:** ``[empty]``
 
-        The fingerprint of the SSL certificate as a hexadecimal string, you should
-        not touch it, except if know what you are doing.
+        The SHA-2 fingerprint of the SSL certificate as a hexadecimal string,
+        you should not touch it, except if know what you are doing.
+
+        .. note:: the fingerprint was previously stored in SHA-1, and has been
+                silently upgraded to SHA-2 if the SHA-1 still matched.
 
     ciphers
author	mathieui <mathieui@mathieui.net>	2014-10-08 12:55:22 +0200
committer	mathieui <mathieui@mathieui.net>	2014-10-08 12:55:22 +0200
commit	8d2408c16943ca3c7beb70905690e3b1e24079b2 (patch)
tree	578fcf3e1924b89bb73ea837b0d4e58adc7a80b3 /doc
parent	dc4f9cc35a180aff708c9693f6cef8ab992d0fa5 (diff)
download	poezio-8d2408c16943ca3c7beb70905690e3b1e24079b2.tar.gz poezio-8d2408c16943ca3c7beb70905690e3b1e24079b2.tar.bz2 poezio-8d2408c16943ca3c7beb70905690e3b1e24079b2.tar.xz poezio-8d2408c16943ca3c7beb70905690e3b1e24079b2.zip