{"id":"rhel9-legacy-allows-sha1-signatures","text":"LEGACY is the only predefined crypto policy that allows SHA-1 in digital signatures; the `DEFAULT:SHA1` subpolicy is the targeted alternative.","truth_value":"IN","source":"repo:entries/2026/03/04/en-documentation-red_hat_enterprise_linux-9-html-security_hardening-using-the-sy.md","source_url":"","source_hash":"","justifications":[],"dependents":[],"metadata":{},"explanation":{"steps":[{"node":"rhel9-legacy-allows-sha1-signatures","truth_value":"IN","reason":"premise"}]}}