Firefox 39.02a Developer Edition supports RSASSA-PSS algorithm: Will it be in the final release for sure?
Firefox 39.02a Developer Edition supports RSASSA-PSS (1.2.840.113549.1.1.10) algorithm, a PKCS#1 v1.5 signature: I couldn't find any Release Notes about it, but support seems to be implemented since 39.02a: As it is a crucial decision for us as a company I need to know if it'll be implemented in the final release of FF 39 and if 2015-06-29 is still accurate as the announced release date for this version of Firefox.
Kind regards, Carsten
All Replies (5)
Sorry, Typo: It's Firefox 39.0a2 :)
I'm fairly sure this isn't supported, actually. Are your sure your certificate isn't falling back to a different algorithm?
This bug is where support for RSA PPS was happening, but it has been around since 2002, and hasn't been updated in over a year.
If you are absolutely sure that it is supported (although I'm fairly sure it isn't), then there is a very large chance it will make it into release. However, nothing is guaranteed. If a change causes major problems, it will be removed. As far as release dates, that won't change. Sometimes, the release will be held back by a few days (rarely up to a week) if there is a major problem with it, but that doesn't happen very often.
Thanks for your answer. Well, at least I can tell it works in FF 39.0a2 and also in FF 40.0a1 whih actually would not be a total surprise as IE and Chrome both support RSA PPS. As always in life: It would be better to actually know than to believe (no offense!): How can the devs be contacted? Somebody needs to know for sure.
See also:
- bug 1088140 - SEC_ERROR_BAD_DER on certificates with RSA-PSS signatures and/or RSA-PSS public keys
Thank you all! One final thing: FF37/38 both have a problem with TLS_RSA_WITH_AES_128_CBC_SHA and TLS 1.2: I habe to turn it off serverwise and only allow for TLS 1.0: Known?