The IETF unbearable mailing is continuing to prove itself to be truly unbearable: https://mailarchive.ietf.org/arch/msg/unbearable/NR2KxRO2lnOk06EyLud6l1uz3BI … /cc @sleevi_
-
-
-
@bascule Argh. I'm so annoyed JWS isn't turning out good. Is there any hope? -
@krainboltgreene no, broken by design -
@bascule Fuck. It was such a good way of doing things from a high level perspective. -
@krainboltgreene It's perhaps not as terrible as my last tweet. Well-implemented libraries are ok. But it makes screwing up really easy -
@bascule Yeah, I definitely see that issue. Well, at least I'm glad people are watching this sort of thing. -
@krainboltgreene one of the many reasons I like Macaroons is all of the extant JWT vulns are bugclasses Macaroons solve by design -
@bascule Macaroon is like a chocolate right?
- 1 more reply
New conversation -
-
-
@bascule I truly don't follow your gripe. That said, I'm thrilled to see a lot of the internally-discussed flaws are being discussed openly -
@bascule But if you think Channel ID is a deployed or workable solution though, I've got a bridge in Brooklyn to sell you. -
@bascule Simply put, Channel ID needs to die. It doesn't work. But it apparently works better than nothing, so I can't kill it in Chrome :( -
@sleevi_ this WG's solution seems to be reinventing something like CAS o_O -
@sleevi_ whatever, I'm just a Macaroon maniac...
End of conversation
New conversation -
-
-
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.