lacme-accountd: Refuse to sign JWS with an invalid Protected Header.

“The JWS Protected Header is a JSON object” — RFC 7515 sec. 2. “The JWS Protected Header MUST include the following fields: - "alg" - "nonce" - "url" - either "jwk" or "kid"” — RFC 8555 sec. 6.2.
author: Guilhem Moulin <guilhem@fripost.org> 2021-02-22 20:32:33 +0100
committer: Guilhem Moulin <guilhem@fripost.org> 2021-02-22 22:36:59 +0100
commit: 045d169339c5b973f0924269e6ca485e48de3668 (patch)
tree: 2e159653533e2a4a89360404e7bfa4f59d9d7bee /Changelog
parent: 87fa9468a26c1902423839473049cd3325098c1a (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/Changelog b/Changelog
index faf32a8..da34ddc 100644
--- a/Changelog
+++ b/Changelog
@@ -1,6 +1,7 @@
 lacme (0.8.1) upstream;
 
  + lacme-accountd: improve log messages.
+ + lacme-accountd: refuse to sign JWS with an invalid Protected Header.
  - lacme: in the [accountd] config, let lacme-accountd(1) do the
    %-expansion for 'config', not lacme(8) when building the command.
author	Guilhem Moulin <guilhem@fripost.org>	2021-02-22 20:32:33 +0100
committer	Guilhem Moulin <guilhem@fripost.org>	2021-02-22 22:36:59 +0100
commit	045d169339c5b973f0924269e6ca485e48de3668 (patch)
tree	2e159653533e2a4a89360404e7bfa4f59d9d7bee /Changelog
parent	87fa9468a26c1902423839473049cd3325098c1a (diff)