I have no position on the issue described in this post because it's all new to me. But because it's all new to me it's inherently interesting, and the discussion perhaps points the way to the future of signing and encrypting Javascript objects (such as data or executable code). The argument here against Javascript Object Signing and Encryption (JOSE) is that it is often abused, and that it makes forgery trivial. The options allowed for JSON encryption have security issues, according to the article. More. From my own work recoding gRSShopper I can see that this will be directly relevant to learning systems in the near future that intend to exchange data and executable code.
Today: 1 Total: 20 [Share]
] [