From f1a0f0a56fdd0fc39f255174ce08c06b91c66c94 Mon Sep 17 00:00:00 2001
From: wolfbeast <mcwerewolf@gmail.com>
Date: Fri, 23 Feb 2018 11:04:39 +0100
Subject: Update NSS to 3.35-RTM

---
 security/nss/doc/certutil.xml | 10 ++++++++++
 1 file changed, 10 insertions(+)

(limited to 'security/nss/doc/certutil.xml')

diff --git a/security/nss/doc/certutil.xml b/security/nss/doc/certutil.xml
index 461b21389..d5062bd5e 100644
--- a/security/nss/doc/certutil.xml
+++ b/security/nss/doc/certutil.xml
@@ -455,6 +455,16 @@ of the attribute codes:
         <listitem><para>Set an alternate exponent value to use in generating a new RSA public key for the database, instead of the default value of 65537. The available alternate values are 3 and 17.</para></listitem>
       </varlistentry>
 
+      <varlistentry>
+        <term>--pss</term>
+        <listitem><para>Restrict the generated certificate (with the <option>-S</option> option) or certificate request (with the <option>-R</option> option) to be used with the RSA-PSS signature scheme. This only works when the private key of the certificate or certificate request is RSA.</para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term>--pss-sign</term>
+        <listitem><para>Sign the generated certificate with the RSA-PSS signature scheme (with the <option>-C</option> or <option>-S</option> option). This only works when the private key of the signer's certificate is RSA. If the signer's certificate is restricted to RSA-PSS, it is not necessary to specify this option.</para></listitem>
+      </varlistentry>
+
       <varlistentry>
         <term>-z noise-file</term>
         <listitem><para>Read a seed value from the specified file to generate a new private and public key pair. This argument makes it possible to use hardware-generated seed values or manually create a value from the keyboard. The minimum file size is 20 bytes.</para></listitem>
-- 
cgit v1.2.3