public marks

PUBLIC MARKS with tags security & jwt

08 May 2017 10:45

Things to Use Instead of JWT | Kevin Burke

by Spone
You might have heard that you shouldn't be using JWT. That advice is correct - you really shouldn't use it. In general, specifications that allow the attacker to choose the algorithm for negotiation have more problems than ones that don't (see TLS). N libraries need to implement M different encryption and decryption algorithms, and an attacker only needs to find a vulnerability in one of them, or a vulnerability in their combination. JWT has seen both of these errors; unlike TLS, it hasn't already been deployed onto billions of devices around the world.
