Feature signing and verifying? #67
Comments
|
You can call it "in progress" however work in this repo has largely stalled |
|
Ah thanks. Just curious... It seems like almost all JOSE libraries have stalled in their development. Is there a larger reason for this? I've heard of some security flaws in the protocol. Are there alternatives we should be considering? |
|
In the case of this repo I think the original contributors simply lost interest. For signatures you can just sign data directly without involving some other protocol. X.509 SPKI provides a widely-used public key format which is supported by all of our crates. |
|
Interest, no. Resources, yes. |
|
Ok thanks. I'm storing keys in a larger data structure that can be formatted as JSON, hence my interest in JWK. I suppose I could do away with any JWS formatting and just encode the signature directly as base64 or similar... |
|
@wellcaffeinated all of the signature algorithm implementations we maintain have |
|
I am interested in further developing this library because RFC 8995 extensions need it. How would I go on about to contribute? |
|
@juliankrieger perhaps sketch out what you have in mind here, and then open a PR which implements it |
Hi I like how this library is organized, but I'm struggling to find a way to do the following:
Is this library capable of doing this yet? Or is it still in progress?
The text was updated successfully, but these errors were encountered: