Menu
▾
▴
Re: [Resteasy-developers] JWT & JWS implementation on RESTEasy
|
From: Bruno O. <br...@ab...> - 2013-07-02 14:57:59
|
Hi Bill only the "exp" attribute from http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-11 I'm not sure if makes some sense, but I would like to make use of your lib on the client side (Android - extracting bits or the whole jose-jwt module) and into the server side. Each application would have its own signature, for non repudiation against the server and prevent replay attacks. Makes some sense? If not it's ok, I can dig more into the API. Bill Burke wrote: > You want timestamp and exp in the JWS? IMO, this is not needed, its up > to the entity embedded/encoded in the JWS to provide this information. -- abstractj |
