RSA-PSS for TLS

Category: Security
Type: New or changed feature
Status: Enabled by default (Chrome 56)
Intent stage: None

Summary

In preparation for TLS 1.3, ship RSA-PSS signature algorithms in our TLS implementation. This will improve the options available for signing with RSA keys in TLS 1.2 (aligning with QUIC and TLS 1.3) and, more importantly, pave the road for TLS 1.3 by ensuring the ecosystem can handle new signature algorithms.

Standards & signals

Specification: https://tools.ietf.org/html/draft-ietf-tls-tls13-15#section-4.2.2
Firefox: In development
Safari: No signal
Web developers: No signals
Tracking bug: https://bugs.chromium.org/p/chromium/issues/detail?id=642416

View on chromestatus.com