Updates re MD5/SHA1 usage. (#2917)

* Updates re MD5/SHA1 usage.

* Update summary tag contents

Per comments from @mairaw.

* Update summary tag edits.

Per feedback from @mairaw.

* Move enum summary content to remarks.

Author: TimShererWithAquent

xml/Microsoft.Build.Tasks.Deployment.ManifestUtilities/BaseReference.xml

@@ -148,7 +148,7 @@
       <Docs>
         <summary>Gets or sets the SHA1 hash of the file.</summary>
         <value>A string indicating the SHA1 hash of the file.</value>
-        <remarks>To be added.</remarks>
+        <remarks>Due to collision problems with SHA1, Microsoft recommends a security model based on SHA256 or better.</remarks>
       </Docs>
     </Member>
     <Member MemberName="IsOptional">

xml/Mono.Security.Interface/HashAlgorithmType.xml

@@ -35,6 +35,7 @@
       <MemberValue>1</MemberValue>
       <Docs>
         <summary>To be added.</summary>
+        <remarks>Due to collision problems with SHA1, Microsoft recommends SHA256 or better.</remarks>
       </Docs>
     </Member>
     <Member MemberName="Md5Sha1">
@@ -55,6 +56,7 @@
       <MemberValue>254</MemberValue>
       <Docs>
         <summary>To be added.</summary>
+        <remarks>Due to collision problems with SHA1, Microsoft recommends SHA256 or better.</remarks>
       </Docs>
     </Member>
     <Member MemberName="None">
@@ -95,6 +97,7 @@
       <MemberValue>2</MemberValue>
       <Docs>
         <summary>To be added.</summary>
+        <remarks>Due to collision problems with SHA1, Microsoft recommends SHA256 or better.</remarks>
       </Docs>
     </Member>
     <Member MemberName="Sha224">
@@ -198,4 +201,4 @@
       </Docs>
     </Member>
   </Members>
-</Type>
+</Type>

xml/System.CodeDom/CodeChecksumPragma.xml

@@ -192,7 +192,7 @@
   
  The calculation of the checksum is language-specific. That is, the language vendor can use any of the hashing algorithms known to the debugger to calculate the checksum. The use of a GUID for this property provides hash algorithm extensibility.  
   
-   
+ Due to collision problems with SHA1 and MD5, Microsoft recommends a security model based on SHA256 or better.  
   
 ## Examples  
  The following code example shows the setting of the <xref:System.CodeDom.CodeChecksumPragma.ChecksumAlgorithmId%2A> property. This code example is part of a larger example provided for the <xref:System.CodeDom.CodeChecksumPragma> class.  

xml/System.Configuration.Assemblies/AssemblyHashAlgorithm.xml

@@ -122,7 +122,7 @@
       </ReturnValue>
       <MemberValue>0</MemberValue>
       <Docs>
-        <summary>A mask indicating that there is no hash algorithm. If you specify <see langword="None" /> for a multi-module assembly, the common language runtime defaults to the SHA1 algorithm, since multi-module assemblies need to generate a hash.</summary>
+        <summary>A mask indicating that there is no hash algorithm. If you specify <see langword="None" /> for a multi-module assembly, the common language runtime defaults to the SHA1 algorithm, since multi-module assemblies need to generate a hash. Due to collision problems with SHA1, Microsoft recommends SHA256.</summary>
       </Docs>
     </Member>
     <Member MemberName="SHA1">

xml/System.IO.Packaging/PackageDigitalSignatureManager.xml

@@ -257,7 +257,9 @@
  The <xref:System.IO.Packaging.PackageDigitalSignatureManager.HashAlgorithm%2A> property gets or sets the actual hash algorithm this is used to create and verify signatures.  
   
  The <xref:System.IO.Packaging.PackageDigitalSignatureManager.DefaultHashAlgorithm%2A> property is typically used to reset the <xref:System.IO.Packaging.PackageDigitalSignatureManager.HashAlgorithm%2A> property back to default after a temporary change.  
-  
+
+ Due to collision problems with SHA1, Microsoft recommends a security model based on SHA256 or better.
+
  ]]></format>
         </remarks>
         <altmember cref="T:System.Security.Cryptography.Xml.SignedXml" />
@@ -324,7 +326,9 @@
  Unless explicitly set otherwise, this property gets the same value as <xref:System.IO.Packaging.PackageDigitalSignatureManager.DefaultHashAlgorithm%2A>.  
   
  The <xref:System.IO.Packaging.PackageDigitalSignatureManager.HashAlgorithm%2A> property is typically not changed from its default. This property must be changed only if a signature that uses a different known and accessible <xref:System.Security.Cryptography.HashAlgorithm> is encountered.  When finished with the signature that uses a different hash algorithm, call <xref:System.IO.Packaging.PackageDigitalSignatureManager.DefaultHashAlgorithm%2A> to reset the <xref:System.IO.Packaging.PackageDigitalSignatureManager.HashAlgorithm%2A> property back to default.  
-  
+
+ Due to collision problems with SHA1, Microsoft recommends a security model based on SHA256 or better.
+
  ]]></format>
         </remarks>
         <exception cref="T:System.ArgumentNullException">The string for the [!INCLUDE[TLA2#tla_uri](~/includes/tla2sharptla-uri-md.md)] to set is <see langword="null" />.</exception>

xml/System.IdentityModel.Tokens/InMemorySymmetricSecurityKey.xml

@@ -219,7 +219,9 @@
   
 ## Remarks  
  To specify P-SHA1 as the cryptographic algorithm, use the <xref:System.IdentityModel.Tokens.SecurityAlgorithms.Psha1KeyDerivation> field.  
-  
+
+ Due to collision problems with SHA1, Microsoft recommends a security model based on SHA256 or better.
+
  ]]></format>
         </remarks>
         <exception cref="T:System.InvalidOperationException">

xml/System.IdentityModel.Tokens/SecurityAlgorithms.xml

@@ -289,7 +289,7 @@
       </ReturnValue>
       <Docs>
         <summary>Represents the P-SHA1 key generation algorithm. This field is constant.</summary>
-        <remarks>To be added.</remarks>
+        <remarks>Due to collision problems with SHA1, Microsoft recommends a security model based on SHA256 or better.</remarks>
       </Docs>
     </Member>
     <Member MemberName="Psha1KeyDerivationDec2005">
@@ -310,7 +310,7 @@
       </ReturnValue>
       <Docs>
         <summary>Represents the December 2007 version of the P-SHA1 key generation algorithm. This field is constant.</summary>
-        <remarks>To be added.</remarks>
+        <remarks>Due to collision problems with SHA1, Microsoft recommends a security model based on SHA256 or better.</remarks>
       </Docs>
     </Member>
     <Member MemberName="Ripemd160Digest">
@@ -373,7 +373,7 @@
       </ReturnValue>
       <Docs>
         <summary>Specifies a URI that points to the RSA-SHA1 cryptographic algorithm for digitally signing XML. This field is constant.</summary>
-        <remarks>To be added.</remarks>
+        <remarks>Due to collision problems with SHA1, Microsoft recommends a security model based on SHA256 or better.</remarks>
       </Docs>
     </Member>
     <Member MemberName="RsaSha256Signature">
@@ -436,7 +436,7 @@
       </ReturnValue>
       <Docs>
         <summary>Specifies a URI that points to the 160-bit SHA-1 digest algorithm. This field is constant.</summary>
-        <remarks>To be added.</remarks>
+        <remarks>Due to collision problems with SHA1, Microsoft recommends a security model based on SHA256 or better.</remarks>
       </Docs>
     </Member>
     <Member MemberName="Sha256Digest">

xml/System.IdentityModel.Tokens/SymmetricSecurityKey.xml

@@ -80,6 +80,8 @@
   
 ## Remarks  
  To specify P-SHA1 as the cryptographic algorithm, use the <xref:System.IdentityModel.Tokens.SecurityAlgorithms.Psha1KeyDerivation> field.  
+
+ Due to collision problems with SHA1, Microsoft recommends a security model based on SHA256 or better.
   
  ]]></format>
         </remarks>

xml/System.IdentityModel.Tokens/X509AsymmetricSecurityKey.xml

@@ -162,7 +162,9 @@
   
 ## Remarks  
  Use the <xref:System.Security.Cryptography.Xml.SignedXml.XmlDsigDSAUrl>, <xref:System.Security.Cryptography.Xml.EncryptedXml.XmlEncRSA15Url>, <xref:System.Security.Cryptography.Xml.EncryptedXml.XmlEncRSAOAEPUrl>, <xref:System.Security.Cryptography.Xml.SignedXml.XmlDsigRSASHA1Url> or <xref:System.IdentityModel.Tokens.SecurityAlgorithms.RsaSha256Signature> fields to specify the `algorithm` parameter.  
-  
+
+ Due to collision problems with SHA1, Microsoft recommends a security model based on SHA256 or better.
+
  ]]></format>
         </remarks>
         <exception cref="T:System.NotSupportedException">
@@ -209,7 +211,9 @@
   
 ## Remarks  
  Use the <xref:System.Security.Cryptography.Xml.SignedXml.XmlDsigDSAUrl>, <xref:System.Security.Cryptography.Xml.SignedXml.XmlDsigRSASHA1Url> or <xref:System.IdentityModel.Tokens.SecurityAlgorithms.RsaSha256Signature> fields to specify the `algorithm` parameter.  
-  
+
+ Due to collision problems with SHA1, Microsoft recommends a security model based on SHA256 or better.
+
  ]]></format>
         </remarks>
         <exception cref="T:System.NotSupportedException">
@@ -289,7 +293,9 @@
   
 ## Remarks  
  Use the <xref:System.Security.Cryptography.Xml.SignedXml.XmlDsigDSAUrl>, <xref:System.Security.Cryptography.Xml.SignedXml.XmlDsigRSASHA1Url> or <xref:System.IdentityModel.Tokens.SecurityAlgorithms.RsaSha256Signature> fields to specify the `algorithm` parameter.  
-  
+
+ Due to collision problems with SHA1, Microsoft recommends a security model based on SHA256 or better.
+
  ]]></format>
         </remarks>
         <exception cref="T:System.NotSupportedException">The X.509 certificate specified in the constructor does not have a private key.  
@@ -357,7 +363,7 @@
         <summary>Gets a value that indicates whether the specified algorithm uses asymmetric keys.</summary>
         <returns>
           <see langword="true" /> when the specified algorithm is <see cref="F:System.IdentityModel.Tokens.SecurityAlgorithms.DsaSha1Signature" />, <see cref="F:System.IdentityModel.Tokens.SecurityAlgorithms.RsaSha1Signature" />, <see cref="F:System.IdentityModel.Tokens.SecurityAlgorithms.RsaSha256Signature" />, <see cref="F:System.IdentityModel.Tokens.SecurityAlgorithms.RsaOaepKeyWrap" />, or <see cref="F:System.IdentityModel.Tokens.SecurityAlgorithms.RsaV15KeyWrap" />; otherwise, <see langword="false" />.</returns>
-        <remarks>To be added.</remarks>
+        <remarks>Due to collision problems with SHA1, Microsoft recommends a security model based on SHA256 or better.</remarks>
       </Docs>
     </Member>
     <Member MemberName="IsSupportedAlgorithm">
@@ -393,7 +399,9 @@
 -   The `algorithm` parameter is <xref:System.Security.Cryptography.Xml.SignedXml.XmlDsigDSAUrl> and the public key for the X.509 certificate specified in the constructor is of type <xref:System.Security.Cryptography.DSA>.  
   
 -   The `algorithm` parameter is <xref:System.Security.Cryptography.Xml.EncryptedXml.XmlEncRSA15Url>, <xref:System.Security.Cryptography.Xml.EncryptedXml.XmlEncRSAOAEPUrl>, <xref:System.Security.Cryptography.Xml.SignedXml.XmlDsigRSASHA1Url> or <xref:System.IdentityModel.Tokens.SecurityAlgorithms.RsaSha256Signature> and the public key for the X.509 certificate specified in the constructor is of type <xref:System.Security.Cryptography.RSA>.  
-  
+
+Due to collision problems with SHA1, Microsoft recommends a security model based on SHA256 or better.
+
  ]]></format>
         </remarks>
       </Docs>

xml/System.IdentityModel/RsaEncryptionCookieTransform.xml

@@ -228,7 +228,9 @@
 ## Remarks  
  SHA256 is the default algorithm. This may require a minimum platform of Windows Server 2003 and .NET 3.5 SP1.  
   
- If SHA256 is not supported, set the <xref:System.IdentityModel.RsaEncryptionCookieTransform.HashName%2A> property to "SHA1".  
+ If SHA256 is not supported, set the <xref:System.IdentityModel.RsaEncryptionCookieTransform.HashName%2A> property to "SHA1". 
+
+ Due to collision problems with SHA1, Microsoft recommends SHA256 or better. 
   
  ]]></format>
         </remarks>