Remove SHA-1 support

[briansmith]

Remove the following signature algorithms:

• ECDSA_P256_SHA1
• ECDSA_P384_SHA1
• RSA_PKCS1_2048_8192_SHA1

Mozilla, Microsoft, and Google are all planning to turn off SHA-1 support on 2017-1-1 or 2017-2-1. It seems unlikely that anybody using webpki is going to need to support SHA-1 even as of now, so I propose we remove them now.

[briansmith]

RSA_PKCS1_2048_8192_SHA1

According to the Chromium developers, it isn't fully web-compatible to remove support for RSA with SHA-1 signatures for TLS 1.2 ServerKeyExchange messages, so I'm going to keep RSA_PKCS1_2048_8192_SHA1 for now. We should add some documentation about how to use it: In particular, it shouldn't be passed as an acceptable certificate signature algorithm, but it may be necessary to pass it to EndEndityCert::verify_signature as an acceptable algorithm if maximum web compatbility is necessary.

However, also according to them, it is web-compatible to remove support for ECDSA-SHA1 and ECDSA-SHA512 signatures, and I've done that for 0.6.0 in these commits:

• SHA-1: 7255c55
• SHA-512: a830244

We still also may remove RSA_PKCS1_2048_8192_SHA1 completely, depending on what our own compatibility testing shows.

[briansmith]

c26bca4 is related to this: It removes support for a legacy RSA-SHA1 algorithm identifier.