From 935987ae2acab007cb48ac148174e77fed38588f Mon Sep 17 00:00:00 2001
From: Sean Turner <sean@sn3rd.com>
Date: Wed, 10 Apr 2024 13:55:58 -0400
Subject: [PATCH] Publish Trust Anchors Control hashAlgorithm change

Changed Publish Trust Anchors Control hashAlgorithm to SHA-256
---
 draft-mandel-lamps-rfc5272bis.md | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/draft-mandel-lamps-rfc5272bis.md b/draft-mandel-lamps-rfc5272bis.md
index 135873e..13260c6 100644
--- a/draft-mandel-lamps-rfc5272bis.md
+++ b/draft-mandel-lamps-rfc5272bis.md
@@ -243,6 +243,10 @@ Note: For now, this section will be list of the changes introduced
 
 * Address management of KEM certificate
 
+--03 version changes:
+
+* Publish Trust Anchors Control hashAlgorithm changed to SHA-256
+
 --02 version changes:
 
 * Add module to support new HMAC algorithms in PBKDF2
@@ -2726,7 +2730,7 @@ The fields in PublishTrustAnchors have the following meaning:
 
 >> hashAlgorithm is the identifier and parameters for the hash
    algorithm that is used in computing the values of the anchorHashes
-   field. All implementations MUST implement SHA-1 for this field.
+   field. All implementations MUST implement SHA-256 for this field.
 
 >> anchorHashes are the hashes for the certificates that are to be
    treated as trust anchors by the client. The actual certificates