How About Tomorrow?
Open Source Security Theater
Dax
Yeah, so if you set, the problem with JWTs is the upside is you can verify JWT without calling another server. So it's really efficient. Like there's a bunch of good reasons for that. But that exact property, it makes it so someone can't revoke them. So if someone is like, oh, there's James who was leaked, I need to revoke it. Other systems are still going to keep validating it.
0
💬
0
Comments
Log in to comment.
There are no comments yet.