diff --git a/jose/jws.go b/jose/jws.go
index 2aab603e3..63a4b1ad9 100644
--- a/jose/jws.go
+++ b/jose/jws.go
@@ -190,6 +190,8 @@ func Sign(alg JoseAlgorithm, privateKey interface{}, payload []byte) (JsonWebSig
 		if rsaPriv == nil {
 			return zero, errors.New(fmt.Sprintf("Algorithm %s requres RSA private key", jws.Header.Algorithm))
 		}
+		// Contrary to docs, you can't pass a nil instead of the PSSOptions; You'll
+		// get a nil dereference.
 		sig, err = rsa.SignPSS(rand.Reader, rsaPriv, hashID, inputHash, &rsa.PSSOptions{})
 	case "E":
 		if ecPriv == nil {