AWS Security ChangesHomeSearch

AWS privateca documentation change

Service: privateca · 2025-10-07 · Documentation low

File: privateca/latest/userguide/describe-CA.md

Summary

Refined explanation of CA signing algorithm context

Security assessment

Explicitly distinguishes CA signing from certificate issuance algorithms, improving security documentation accuracy. No vulnerability addressed.

Diff

diff --git a/privateca/latest/userguide/describe-CA.md b/privateca/latest/userguide/describe-CA.md
index 076277c9e..d5a7247cf 100644
--- a//privateca/latest/userguide/describe-CA.md
+++ b//privateca/latest/userguide/describe-CA.md
@@ -75 +75 @@ You can use the ACM console or the AWS CLI to view detailed metadata about a pri
-     * **Signing algorithm** – The algorithm that the CA uses to sign certificate requests. (Not to be confused with the `SigningAlgorithm` parameter used to sign certificates when they are issued.) Possible values are **SHA256 ECDSA** , **SHA384 ECDSA** , **SHA512 ECDSA** , **SHA256 RSA** , **SHA384 RSA** , and **SHA512 RSA**
+     * **Signing algorithm** – The algorithm that the CA uses to sign its own Certificate Signing Request, CRLs, and OCSP responses (Not to be confused with the `SigningAlgorithm` parameter used in the IssueCertificate API.) Possible values are **SHA256 ECDSA** , **SHA384 ECDSA** , **SHA512 ECDSA** , **SHA256 RSA** , **SHA384 RSA** , and **SHA512 RSA**