openpgp: Document the existence of the sequoia-policy-config crate.

  - Sometimes it is useful to configure a `StandardPolicy` via a
    configuration file.

  - To avoid pulling in a number of additional dependencies, this is
    implemented in a separate crate, `sequoia-policy-config`.

  - Document its existence in the `StandardPolicy` documentation to
    improve its discoverability.

  - Fixes #941.

1 files changed, 13 insertions, 0 deletions

diff --git a/openpgp/src/policy.rs b/openpgp/src/policy.rs
index c500247e..7ba1272c 100644
--- a/openpgp/src/policy.rs
+++ b/openpgp/src/policy.rs
@@ -450,6 +450,19 @@ impl Default for HashAlgoSecurity {
 /// algorithms is no longer considered safe.  Attempts to use an
 /// algorithm after its cutoff time should fail.
 ///
+/// A `StandardPolicy` can be configured using Rust.  Sometimes it is
+/// useful to configure it via a configuration file.  This can be done
+/// using the [`sequoia-policy-config`] crate.
+///
+///   [`sequoia-policy-config`]: https://docs.rs/sequoia-policy-config/latest/sequoia_policy_config/
+///
+/// It is recommended to support using a configuration file when the
+/// program should respect the system's crypto policy.  This is
+/// required on Fedora, for instance.  See the [Fedora Crypto
+/// Policies] project for more information.
+///
+///   [Fedora]: https://gitlab.com/redhat-crypto/fedora-crypto-policies
+///
 /// When validating a signature, we normally want to know whether the
 /// algorithms used are safe *now*.  That is, we don't use the
 /// signature's alleged creation time when considering whether an