> On Apr 15, 2022, at 1:10 PM, Jean-Louis Monteiro <jlmonte...@tomitribe.com> > wrote: > > David, yes I figured you'd want to work on JWT. I looked and it seems our > setup needs some love. Some additional tests with EC based algorithms and a > couple of other endpoints need to be updated.
On the note of EC keys, I wonder what people think about potentially using this key parsing library I wrote: - https://github.com/tomitribe/churchkey It does parse EC keys in several different formats, supports 100+ curves and has 1450 unit tests. If you have a public or private key in a handful of PEM formats, OpenSSH format, SSH2 format, JWT format or plain binary DIR format it will parse the key. The very significant con is that it would be the first time we adding a library from that org to our server. It's something I've deliberately avoided. I've always preferred to keep lines clean. I'm not sure how I feel about adding such a dependency and potentially opening a can of worms. I'd like to hear some thoughts from others. Perhaps I'm being overly cautious. -David
smime.p7s
Description: S/MIME cryptographic signature
