# This is a subpolicy dropping the SHA1 hash and signature support
# Carried out as part of CIS Benchmark rule 1.6.3

hash = -SHA1
sign = -*-SHA1
sha1_in_certs = 0