File measurements today are all sha1 (or md5).  When template support was discussed years ago, we spoke about supporting additional hash algorithms, but that was at the system level - all files would be similarly hashed.   With the asymmetric key support, the hash algorithm used to sign files could be on a per package or even file basis.  Before making changes to  ima_collect_measurement(), are there any objections to this sort of change?