> crypto algorithm negotiation If you control both sides, then you can ignore th... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		daigoba66 on Aug 25, 2021 \| parent \| context \| favorite \| on: API Tokens: A Tedious Survey > crypto algorithm negotiation If you control both sides, then you can ignore this part or do it out-of-band. Though, if you control both sides, then you can use literally anything else too.

jerf on Aug 25, 2021 [–]

But that's the problem with JWTs, the whole "if you..." part. You want fewer of those rather than more in your crypto code, and JWT has too many. That's the whole problem.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact