On 1 July 2015 at 08:37, Karen O'Donoghue <[email protected]> wrote: > https://tools.ietf.org/id/draft-jones-jose-jws-signing-input-options-00.txt
I would like to see some discriminator added to the input for the (false, false) option this proposes. As it stands, the payload is the only input. Restricting the space of what might be signed ensures that signatures can't be transplanted. A fixed string would suffice. _______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose
