@ -6,10 +6,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
## [Unreleased]
### Changed
- Certificates signed by an issuer using an RSA key will use the same algorithm
and not default to PKCS #1. For example, if the issuer certificate uses
x509.SHA256WithRSAPSS, the signed certificate will also be signed using
x509.SHA256WithRSAPSS.
- Certificates signed by an issuer using an RSA key will be signed using the same algorithm as the issuer certificate was signed with. The signature will no longer default to PKCS #1. For example, if the issuer certificate was signed using RSA-PSS with SHA-256, a new certificate will also be signed using RSA-PSS with SHA-256.