Cryptographer hate for JWT
What some cryptographers say about JWT
This vulnerability is a trifecta of things I hate:
- Ruby OpenSSL extension
- AES-GCM (great performance but so brittle)
Expect years and years and years and years of ongoing JWT related vulnerabilities, with people continuing to claim "this isn't a problem with JWT!"
JWT is so bad that I find myself wondering what I was doing when it was being created and if I could have done something to stop it.
Also, note that this HN thread is full of developers just now learning that JWTs only do signing. Except it can also do encryption. 🤷♂️
This isn't an isolated incident. Every time someone talks about why JWT is bad, someone engages in a congruent fashion.
"Blame the libraries, or the defaults. Don't blame the standard!"
"The attack you're describing sounds like an old attack which was an implementation's fault"