Why is the notification API using ECDSA-SHA1 for signature verification when SHA1 is considered insecure and has been deprecated for several years? I'm working on an integration for our Salesforce instance with the Marketplace Account Deletion and Salesforce doesn't support ECDSA-SHA1 verification, it supports ECDSA-SHA256, 384, and 512.
Is there a way to get/request a higher level of encryption hash for these calls? If not, I'm not sure how to even complete a Salesforce/eBay integration at this point.
