From 045d169339c5b973f0924269e6ca485e48de3668 Mon Sep 17 00:00:00 2001 From: Guilhem Moulin Date: Mon, 22 Feb 2021 20:32:33 +0100 Subject: lacme-accountd: Refuse to sign JWS with an invalid Protected Header. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit “The JWS Protected Header is a JSON object” — RFC 7515 sec. 2. “The JWS Protected Header MUST include the following fields: - "alg" - "nonce" - "url" - either "jwk" or "kid"” — RFC 8555 sec. 6.2. --- Changelog | 1 + 1 file changed, 1 insertion(+) (limited to 'Changelog') diff --git a/Changelog b/Changelog index faf32a8..da34ddc 100644 --- a/Changelog +++ b/Changelog @@ -1,6 +1,7 @@ lacme (0.8.1) upstream; + lacme-accountd: improve log messages. + + lacme-accountd: refuse to sign JWS with an invalid Protected Header. - lacme: in the [accountd] config, let lacme-accountd(1) do the %-expansion for 'config', not lacme(8) when building the command. -- cgit v1.2.3