In 2020, OpenSSL had a vuln related to the signature_algorithms_cert ext. openssl-library.org/news/secadv/...
Palo Alto apparently "solved" this in their IPS by blocking connections with "unknown" algs in sigalg_cert.
Six years later, we can't add ML-DSA to sigalg_cert in Go. sigalg_cert is dead.
github.com
What version of Go are you using (go version)? $ go version go version go1.27-devel_bfbbe9667e Fri May 22 15:49:08 2026 -0700 darwin/arm64 Does this issue reproduce with the latest release? No What...
