JOSE (Javascript Object Signing and Encryption) is a bad standard that everyone should avoid https://paragonie.com/blog/2017/03/jwt-json-web-tokens-is-bad-standard-that-everyone-should-avoid …
Indeed. It should be done right at the library level making it hard/impossible to do wrong without writing your own.
-
-
then at the library level, we need correct guidance on how to handle ambiguities in the standard. So better standards :)
- End of conversation
New conversation -
-
-
OpenSSL supporting joke ciphers like "none" was purely OpenSSL's fault, not the spec/protocol's (despite it being a mess too).
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.