Can anybody comment on how Debian users will be impacted by SHA-1 deprecation?
In particular: - will libraries like OpenSSL and GnuTLS continue to support it in stretch and beyond? - will web servers like Apache support it in server certificates or certificate chains? - will web servers and other applications accept client certificates containing SHA-1 hashes? - if support for SHA-1 is being removed or disabled by default, will it also be disabled in security updates to jessie and wheezy LTS?