.new
The Certificate issued by the CA published in the DANE-TA model should be
issued using a strong hash algorithm.
-Exim, and importantlyimportantly various other MTAs sending to you, will not
+Exim, and importantly various other MTAs sending to you, will not
re-enable hash algorithms which have been disabled by default in TLS
libraries.
This means no MD5 and no SHA-1. SHA2-256 is the minimum for reliable