Added warning about SHA1 being used for response signing in ocsp.rst (#…

…10204) * Update ocsp.rst Added warning about SHA1 being used for sign() * Update ocsp.rst Fixed spelling issues, at least according to en-GB dictionary. * Update ocsp.rst Spell checker didn't catch "algorithim" somehow. * Update ocsp.rst Attempting to rephrase the warning. * Update ocsp.rst Removing rouge space.
pyca · Jan 19, 2024 · bd0a064 · bd0a064
1 parent 82f715c
commit bd0a064
Showing 1 changed file with 5 additions and 1 deletion.
diff --git a/docs/x509/ocsp.rst b/docs/x509/ocsp.rst
@@ -340,7 +340,11 @@ Creating Responses
             :class:`~cryptography.hazmat.primitives.asymmetric.ed448.Ed448PrivateKey`
             and an instance of a
             :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm`
-            otherwise.
+            otherwise. Please note that
+            :class:`~cryptography.hazmat.primitives.hashes.SHA1`
+            can not be used here, regardless of if it was used for
+            :meth:`~cryptography.x509.ocsp.OCSPResponseBuilder.add_response`
+            or not.
 
         :returns: A new :class:`~cryptography.x509.ocsp.OCSPResponse`.