Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

Den här webbplatsen har begränsad funktionalitet medan vi utför underhåll för att förbättra din upplevelse. Om en artikel inte löser ditt problem och du vill ställa en fråga har vi vår gemenskap som väntar på att hjälpa dig på @FirefoxSupport på Twitter, /r/firefox på Reddit.

Sök i support

Akta dig för supportbedrägerier: Vi kommer aldrig att be dig att ringa eller skicka ett sms till ett telefonnummer eller dela personlig information. Rapportera misstänkt aktivitet med alternativet "Rapportera missbruk".

Läs mer

Firefox 39.02a Developer Edition supports RSASSA-PSS algorithm: Will it be in the final release for sure?

  • 5 svar
  • 3 har detta problem
  • 18 visningar
  • Senaste svar av cdeibert

more options

Firefox 39.02a Developer Edition supports RSASSA-PSS (1.2.840.113549.1.1.10) algorithm, a PKCS#1 v1.5 signature: I couldn't find any Release Notes about it, but support seems to be implemented since 39.02a: As it is a crucial decision for us as a company I need to know if it'll be implemented in the final release of FF 39 and if 2015-06-29 is still accurate as the announced release date for this version of Firefox.

Kind regards, Carsten

Firefox 39.02a Developer Edition supports RSASSA-PSS (1.2.840.113549.1.1.10) algorithm, a PKCS#1 v1.5 signature: I couldn't find any Release Notes about it, but support seems to be implemented since 39.02a: As it is a crucial decision for us as a company I need to know if it'll be implemented in the final release of FF 39 and if 2015-06-29 is still accurate as the announced release date for this version of Firefox. Kind regards, Carsten

Alla svar (5)

more options

Sorry, Typo: It's Firefox 39.0a2 :)

more options

I'm fairly sure this isn't supported, actually. Are your sure your certificate isn't falling back to a different algorithm?

This bug is where support for RSA PPS was happening, but it has been around since 2002, and hasn't been updated in over a year.

If you are absolutely sure that it is supported (although I'm fairly sure it isn't), then there is a very large chance it will make it into release. However, nothing is guaranteed. If a change causes major problems, it will be removed. As far as release dates, that won't change. Sometimes, the release will be held back by a few days (rarely up to a week) if there is a major problem with it, but that doesn't happen very often.

more options

Thanks for your answer. Well, at least I can tell it works in FF 39.0a2 and also in FF 40.0a1 whih actually would not be a total surprise as IE and Chrome both support RSA PPS. As always in life: It would be better to actually know than to believe (no offense!): How can the devs be contacted? Somebody needs to know for sure.

more options

See also:

  • bug 1088140 - SEC_ERROR_BAD_DER on certificates with RSA-PSS signatures and/or RSA-PSS public keys
more options

Thank you all! One final thing: FF37/38 both have a problem with TLS_RSA_WITH_AES_128_CBC_SHA and TLS 1.2: I habe to turn it off serverwise and only allow for TLS 1.0: Known?