JOSE.JWE.block_decrypt
: allow specifying alg
and enc
like for verify_strict
#84
Labels
Milestone
JOSE.JWE.block_decrypt
: allow specifying alg
and enc
like for verify_strict
#84
As per JSON Web Token Best Current Practices - section 3.1, JWE decryption should allow specifying
alg
andenc
like for JWS signature verification.Not sure what is the security threat here, and if the same problems we saw with JWS can appear.
The text was updated successfully, but these errors were encountered: