David Benjamin noted that we really need to decide whether PSS was something that we should have supported in TLS 1.2. We can't have a situation where there are two implementations of 1.3 that for some reason have 1.3 disabled where they disagree whether PSS is acceptable.
I have opened a PR that makes it clear that PSS is defined for TLS 1.2. https://github.com/tlswg/tls13-spec/pull/557 _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
