This release, we introduce the ability for administrators to specify how many approver's are required within team workflows relative to critical tasks. Administrators can now specify whether 1, 2 or 3 users within a team is required to approve a keypair export, delete a keypair, revoke a certificate or approval an offline keypair release.
Probabilistic Signature Scheme (PSS) supports randomization thereby producing a different value of signature each time even when the same binary is signed by the same RSA key to help make the signature more secure and robust. Secure Software Manager is introducing support for RSA PSS via our PKCS11 library to support signatures completed by OpenSSL using SSM secured keypairs in disk based storage.
In this release, we want to help introduce supports for signing users to help them understand their readiness to be able to sign. This feature enables the user to make a health check request from the SSM CLI (SMCTL) to check if they have the necessary user credentials to make a successful signature and also checks on the users client machine what 3rd party signing tools are available to perform signing.
In this release, we will extend support to generate new, view details and update existing standard keypairs via our SSM CLI (SMCTL). We also want to extend support to generate and update releases for standard keypairs.
You can now request a new keypair with just the ECDSA algorithm, instead of both the ECDSA and EdDSA algorithms.[DOSSM-3223]