RSA-PSS for TLS

In preparation for TLS 1.3, ship RSA-PSS signature algorithms in our TLS implementation. This will improve the options available for signing with RSA keys in TLS 1.2 (aligning with QUIC and TLS 1.3) and, more importantly, pave the road for TLS 1.3 by ensuring the ecosystem can handle new signature algorithms.

Specification

Working draft or equivalent

Status in Chromium

Blink components: Blink

Enabled by default (launch bug) in:

• Chrome for desktop release 56
• Chrome for Android release 56
• Opera release 43
• Opera for Android release 43

Consensus & Standardization

• Firefox: In development
• Edge: No public signals
• Safari: No public signals
• Web Developers: No signals

Owners

• davidben@chromium.org
• nharper@chromium.org
• svaldez@chromium.org

Last updated on 2017-06-14