Another status update for transparency purposes:
1. openssl-3.0.2-3 and crypto-policies-20220412-1.git97fe449
now distrust SHA-1 signatures in FUTURE policy or NO-SHA1 subpolicy.
Meaning that updating the packages and issuing
`update-crypto-policies --set FUTURE` /
`update-crypto-policies --set DEFAULT:NO-SHA1`
can be used to preview the impact on Fedora 36 / 37.
2. A decision has been made for Fedora ELN to track CentOS Stream 9
crypto-policies.
A side-tag rebuild has been triggered prior to the switch,
and has found ELN to be in a pretty broken shape in general.
Work has been temporarily stalled on that side, but I hope to get back to it.
3. I've drafted the following wiki pages so far:
https://fedoraproject.org/wiki/Changes/StrongCryptoSettings3Forewarning1
https://fedoraproject.org/wiki/SHA1SignaturesGuidance
https://fedoraproject.org/wiki/WeakCryptographyException
feedback is welcome as usual.