Y
Hacker News
new
|
ask
|
show
|
jobs
by
danscan
315 days ago
In some apps, the client may be the signing authority (e.g. it owns the resource it's accessing).
In that case, the client can possess the JWK keypair and do its own signing.