-
Hello.I have recently started studying Paseto.As a person coming from a JWT background I am used to the refresh token idea(when my JWT expires I get a new one by providing a special key)
Now as an …
-
Hi @paragonie-security and folks,
Could you tell me whether Ed25519 secret key should include seed information or not?
The spec (https://github.com/paseto-standard/paserk/blob/master/types/secre…
-
Yo should make possible to use paseto on your website (like JWT does).
It would be great!
-
Hi, one thing I like very much about [PASETO](https://paseto.io/) is it's impossible to use it in insecure ways.
I'm not talking about JWT RFC flaws, but rather about API that we can and should imple…
-
I became interested in your paseto standard after feeling a bit uneasy about JWT's, but I have a few questions and wasn't sure how else to ask but to make a github issue (feel free to add the answers …
-
One of the hard problems with stateless tokens is stateless revocation. (This is why PASETO never tried to be a stateless token.)
There are a couple of ways to force the invalidation of unexpired t…
-
Being interested in using PASETO as Python developer, I googled and found this implementation in Python:
https://github.com/purificant/python-paseto by @purificant
Its latest commit is a month ago…
-
Hello
This is a very nice project, and I'm considering to switch from JWT.
I know JWT also doesn't have this feature, But I want to know paseto project can support "set token invalid before expi…
-
I couldn't find any information about what is the expected order of keys in the payload, it would be useful that in any implementation such code:
```
encode(decode(Payload)) == Payload
```
Cur…
-
It may be a bit strange to call an error in the documentation a security vulnerability, but I think it is justified here.
The [documentation](https://github.com/paragonie/paseto/tree/master/docs/02…