-
### What works perfectly and correctly
Adding ["kid" (Wrapped PASERK)](https://github.com/paseto-standard/paseto-spec/blob/master/docs/02-Implementation-Guide/04-Claims.md#optional-footer-claims) fie…
-
-
**Describe the bug**
If you pass a serializable struct to `CustomClaims` the builder will generate an invalid JSON payload due to the trimming of multiple object delimiters.
The builder will still…
-
> don't use JWT. JWT terrifies me, and it terrifies all the crypto engineers I know. As a security standard, it is a series of own-goals foreseeable even 10 years ago based on the history of crypto st…
-
I am lost on this issue. When running the tests, I get the following error:
```console
---- database::test::test_search_bench_dupes stdout ----
thread 'database::test::test_search_bench_dupes' pani…
-
## I wish signed exchanges to cover the non-repudiation use-case
I wish to use the `Signature` header for non repudiation.
Example:
- client sends a request with a Signature of given header…
-
Do you have an example of using this with .NET minimal API, especially with roles and `RequireAuthorization` on the `RouteGroupBuilder`?
This is the way I was doing it with JWT:
```csharp
p…
-
Right now, Rekor signs the representation of the Rekor entry as-provided. Most Rekor entries are JSON, so there's no canonical encoding.
The current implementation of the Bundle format relies on re…
-
The IETF SCITT working group is working on an effort related to [sigstore](https://www.sigstore.dev/). They decided to base their work on the [RFC 9052 \- CBOR Object Signing and Encryption \(COSE\)](…
-
## Expected Behavior
Session cookies must be verified for correctness.
Key used for generation must be unique per installation.
In general: It must not be possible for the client to modify cookie…
M4LuZ updated
6 years ago