diff options
author | Neal H. Walfield <neal@pep.foundation> | 2022-10-28 20:59:32 +0200 |
---|---|---|
committer | Neal H. Walfield <neal@pep.foundation> | 2022-10-28 20:59:32 +0200 |
commit | 4f218231c7e6f17498960b5cbe6ec5d402219d4d (patch) | |
tree | dbe106a57552ef79b6ca2a498ab7b3c58c9234bb /openpgp/src/policy.rs | |
parent | 7916f90421ecb9a75e32f0284459bcc9a3fd02b0 (diff) |
openpgp: Document the existence of the sequoia-policy-config crate.
- Sometimes it is useful to configure a `StandardPolicy` via a
configuration file.
- To avoid pulling in a number of additional dependencies, this is
implemented in a separate crate, `sequoia-policy-config`.
- Document its existence in the `StandardPolicy` documentation to
improve its discoverability.
- Fixes #941.
Diffstat (limited to 'openpgp/src/policy.rs')
-rw-r--r-- | openpgp/src/policy.rs | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/openpgp/src/policy.rs b/openpgp/src/policy.rs index c500247e..7ba1272c 100644 --- a/openpgp/src/policy.rs +++ b/openpgp/src/policy.rs @@ -450,6 +450,19 @@ impl Default for HashAlgoSecurity { /// algorithms is no longer considered safe. Attempts to use an /// algorithm after its cutoff time should fail. /// +/// A `StandardPolicy` can be configured using Rust. Sometimes it is +/// useful to configure it via a configuration file. This can be done +/// using the [`sequoia-policy-config`] crate. +/// +/// [`sequoia-policy-config`]: https://docs.rs/sequoia-policy-config/latest/sequoia_policy_config/ +/// +/// It is recommended to support using a configuration file when the +/// program should respect the system's crypto policy. This is +/// required on Fedora, for instance. See the [Fedora Crypto +/// Policies] project for more information. +/// +/// [Fedora]: https://gitlab.com/redhat-crypto/fedora-crypto-policies +/// /// When validating a signature, we normally want to know whether the /// algorithms used are safe *now*. That is, we don't use the /// signature's alleged creation time when considering whether an |