bc-pi
commented
7 months ago Just noting that an MAC issuer key is usually not referred to as a private key. Maybe put private in brackets, but I'm unsure.
The scope of this PR was intentionally to only remove the explicit prohibition on MAC. Not to explain how it might work or adjust other language about asymmetric signatures or private keys or similar. Just remove the explicit prohibition so that, should some deployment/ecosystem/jurisdiction need to MAC for whatever reason, it's not directly going against a normative must.
This addresses Issue #369. The rest of the text still refers to asymmetric signatures, but technically, an HMAC is now allowed.