• Filippo Valsorda's avatar
    crypto/tls: disable RSA-PSS in TLS 1.2 · 7ccd3583
    Filippo Valsorda authored
    Most of the issues that led to the decision on #30055 were related to
    incompatibility with or faulty support for RSA-PSS (#29831, #29779,
    v1.5 signatures). RSA-PSS is required by TLS 1.3, but is also available
    to be negotiated in TLS 1.2.
    
    Altering TLS 1.2 behavior based on GODEBUG=tls13=1 feels surprising, so
    just disable RSA-PSS entirely in TLS 1.2 until TLS 1.3 is on by default,
    so breakage happens all at once.
    
    Updates #30055
    
    Change-Id: Iee90454a20ded8895e5302e8bcbcd32e4e3031c2
    Reviewed-on: https://go-review.googlesource.com/c/160998
    Run-TryBot: Filippo Valsorda <filippo@golang.org>
    TryBot-Result: Gobot Gobot <gobot@golang.org>
    Reviewed-by: 's avatarAdam Langley <agl@golang.org>
    7ccd3583
Client-TLSv13-ClientCert-RSA-PSS-Disabled 10.5 KB