Aaron Parecki

#jwt

• How (not) to sign a JSON object | Latacora (www.latacora.com)

  Thu, Jan 25, 2024 2:32pm -08:00 #json #crypto #jwt #canonicalization
• François' Blog - Generate a JSON Web Key Set from PHP for RSA Keys (www.tuxed.net)

  Wed, Feb 23, 2022 3:54pm -08:00 #php #jwk #jwt #openid #oidc
• Tagged “vaccine passports” (educatedguesswork.org)

  Wed, Nov 24, 2021 11:14am -08:00 #vaccine #covid #standards #jwt #passport
• Mike Jones https://twitter.com/selfissued

  Congratulations to @vibronet for RFC 9068: JSON Web Token (JWT) Profile for OAuth 2.0 Access Tokens https://www.rfc-editor.org/rfc/rfc9068.html! He noticed a bunch of parties doing nearly the same thing, thought "time for a standard", and made it happen! #IETF #RFC #OAuth #JWT

  Portland, Oregon • 55°F

  Fri, Oct 22, 2021 1:00am +00:00 (liked on Thu, Oct 21, 2021 9:24pm -07:00) #IETF #RFC #OAuth #JWT
• How I Found An alg=none JWT Vulnerability in the NHS Contact Tracing App | zofrex.com (www.zofrex.com)

  Wed, Oct 21, 2020 7:48am -07:00 #jwt #security
• JWTs helping combat fraudulent and unwanted telephone calls (self-issued.info)

  Wed, Feb 12, 2020 3:40pm -08:00 #jwt #security #phone
• 

  I'm not gonna say JSON Web Tokens are *bad* (if used properly), but I'm also not gonna say they're *great* either.
  
  Here's an interesting alternative though: PASETO
  
  https://developer.okta.com/blog/2019/10/17/a-thorough-introduction-to-paseto

  Brighton, England • 58°F

  14 likes 1 repost 1 reply

  Thu, Oct 17, 2019 6:25pm +01:00 #jwt #json #paseto #security #oktadev
• PASETO (paseto.io)

  Fri, Jul 13, 2018 12:38pm -07:00 #json #jwt #jws
• 

  When I see an access token that begins with "eyJ", I base64-decode the middle part to see what data they store in it. #oauth #jwt #security

  

  Portland, Oregon, USA

  14 likes 3 reposts 1 reply

  Tue, Jan 31, 2017 8:09am -08:00 #oauth #jwt #security
• Stop using JWT for sessions - joepie91's Ramblings (cryto.net)

  

  Mon, Jun 13, 2016 1:22pm -07:00 #jwt #security
• Critical vulnerabilities in JSON Web Token libraries (auth0.com)

  Wed, Apr 1, 2015 11:13am -05:00 #jwt #security