Does this support the x5c/x5u fields in JWS? (RFC-7515)

[lggomez]

Migrated from dgrijalva/jwt-go#325:

itstehkman commented on May 4, 2019

This would be an awesome feature. I took a very quick look and it seems like this project does not support it, but maybe I am wrong.

See https://tools.ietf.org/html/rfc7515#section-4.1.6 for more details on this field - it is essentially providing the certificate and its chain in some JWT headers so that both the signature and the cert can be verified.

FWIW, I am trying to add support to the main ruby JWT library, I can post back here with what the PR looks like there. jwt/ruby-jwt#59 (jwt/ruby-jwt#59)

[lggomez]

dgrijalva commented on May 21, 2019

It does not at the moment, though I'd be open to reviewing a PR.

[oxisto]

I think this was largely superseded by the idea of JSON web keys. Which might be interested to support as part of the request package.