Kevin Burke: Things to use instead of JWT

Things to use instead of JWT. Kevin Burke: “In general, specifications that allow the attacker to choose the algorithm for negotiation have more problems than ones that don’t (see TLS).” Burke helpfully covers four use cases.

---

There are 4 other entries posted on this day.