Implement PASETO as a more secure alternative to JOSE (JWT & co)

ory / kratos

Next-gen identity server replacing your Auth0, Okta, Firebase with hardened security and PassKeys, SMS, OIDC, Social Sign In, MFA, FIDO, TOTP and OTP, WebAuthn, passwordless and much more. Golang, headless, API-first. Available as a worry-free SaaS with the fairest pricing on the market!

https://www.ory.sh/kratos/?utm_source=github&utm_medium=banner&utm_campaign=kratos

Apache License 2.0

10.87k stars 939 forks source link

Implement PASETO as a more secure alternative to JOSE (JWT & co) #808

Closed sycured closed 3 years ago

sycured commented 3 years ago

Hi, PASETO exists for a long time now and Okta implemented it as a more secure alternative to JOSE.

https://paragonie.com/blog/2018/03/paseto-platform-agnostic-security-tokens-is-secure-alternative-jose-standards-jwt-etc
https://developer.okta.com/blog/2019/10/17/a-thorough-introduction-to-paseto
Library in Go: https://github.com/o1egl/paseto (listed on official website: https://paseto.io/)

Regards

aeneasr commented 3 years ago

Thank you for the idea! However, this project does not use JOSE and does not intend to use it. So I'll be closing this. One area where we could add support for PASETO would be in ORY Oathkeeper as an alternative to the JWT ID Token.