draft-ietf-tls-tls13-pkcs1-00 is now RFC 9963 Change-Id: Iaa1f78a6081973a8b3f4b5b3a3dc6048debc6ac4 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/94810 Presubmit-BoringSSL-Verified: boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com <boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Lily Chen <chlily@google.com> Commit-Queue: Lily Chen <chlily@google.com> Auto-Submit: David Benjamin <davidben@google.com>
diff --git a/ssl/ssl_privkey.cc b/ssl/ssl_privkey.cc index 0262233..2947529 100644 --- a/ssl/ssl_privkey.cc +++ b/ssl/ssl_privkey.cc
@@ -76,7 +76,7 @@ /*client_only=*/false}, // Legacy PKCS#1 v1.5 code points are only allowed in TLS 1.3 and - // client-only. See draft-ietf-tls-tls13-pkcs1-00. + // client-only. See RFC 9963. {SSL_SIGN_RSA_PKCS1_SHA256_LEGACY, EVP_PKEY_RSA, NID_undef, &EVP_sha256, /*is_rsa_pss=*/false, /*tls12_ok=*/false, /*tls13_ok=*/true, /*client_only=*/true},
diff --git a/ssl/test/runner/common.go b/ssl/test/runner/common.go index b98052c..1f91219 100644 --- a/ssl/test/runner/common.go +++ b/ssl/test/runner/common.go
@@ -334,7 +334,7 @@ signatureMLDSA65 signatureAlgorithm = 0x0905 signatureMLDSA87 signatureAlgorithm = 0x0906 - // draft-ietf-tls-tls13-pkcs1-00 + // RFC 9963 signatureRSAPKCS1WithSHA256Legacy signatureAlgorithm = 0x0420 // signatureRSAPKCS1WithMD5AndSHA1 is the internal value BoringSSL uses to