-
Hello,
I'm using the PASETO package here https://www.npmjs.com/package/paseto to generate PASETO tokens and am trying to understand if there is a standard way to generate a PASETO token that yields…
-
A user should be able to compute the public key from a given private key of the current versions v2, v3 and v4.
This should be straight forward with v2 and v4 since the ed25519 crates support the …
brycx updated
2 years ago
-
This is a follow-up to the [HS256/RS256 Type Confusion attack](https://auth0.com/blog/critical-vulnerabilities-in-json-web-token-libraries/) against the JWT protocol.
Now, firebase/php-jwt attempts…
-
What is your plans re v3.public will you be supporting it? If so do you have an ETA?
-
Hi, PASETO exists for a long time now and Okta implemented it as a more secure alternative to JOSE.
- https://paragonie.com/blog/2018/03/paseto-platform-agnostic-security-tokens-is-secure-alternati…
-
Evaluate in comparison with UCANs https://github.com/json-web-proofs/json-web-proofs#user-content-fn-JWS-66165f84d74d387b4cbbf94b42d9a297
And think through what a demo might entail
-
I tried decoding a public token corresponding to the following nested data structure:
```json
{
"iss": "paragonie.com",
"sub": "test",
"aud": "pie-hosted.com",
"exp": "2039-01-01T00:00:0…
-
https://github.com/ueberauth/guardian_paseto
- retrofit libsodium to all servers when upgrading Brando
- add libsodium to terraform scripts
-
In a lot of the reading I've done on PASETOs, it seems that they should be single use only.
For example:
https://developer.okta.com/blog/2019/10/17/a-thorough-introduction-to-paseto
> PASETOs ar…
-
https://github.com/aidantwoods/swift-paseto/blob/297a9e3506c8ad5d6404800157b129fa3c49cee6/Sources/Paseto/Keys/Key.swift#L10-L22
This should also indicate what version of PASETO the key is intended …