[$] Removing SHA-1 for signatures in Fedora

Disruptive changes are not much fun for anyone involved, though they may benecessary at times. Moving away from the SHA-1 hash function, atleast for cryptographic purposes, is probably one of those necessary disruptivechanges. There are betteralternatives to SHA-1, which has been "broken" from a cryptographic perspective for quite some time now, and most of thesoftware components that make up a distribution can be convinced to useother hash functions. But there are still numerous hurdles to overcome inmaking that kind of a switch as a recent discussion on the Fedora develmailing list shows.