Skip to content

Consider Adding Deprecation Marker to x5t Usage #16979

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
jzheaux opened this issue Apr 22, 2025 · 1 comment · May be fixed by #17130
Open

Consider Adding Deprecation Marker to x5t Usage #16979

jzheaux opened this issue Apr 22, 2025 · 1 comment · May be fixed by #17130
Labels
status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement

Comments

@jzheaux
Copy link
Contributor

jzheaux commented Apr 22, 2025

Since x5t uses SHA-1, it may be appropriate to add a deprecation marker to JoseHeaderNames.X5T, similar to how Nimbus does the same with its JWSHeader.Builder and Spring Security does with MessageDigestPasswordEncoder.
@jzheaux jzheaux added status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement labels Apr 22, 2025
@pat-mccusker
Copy link
Contributor

Can I throw up a pr with the annotation and some javadoc or you looking to have some further discussion first?

pat-mccusker added a commit to pat-mccusker/spring-security that referenced this issue May 16, 2025
@pat-mccusker
Deprecate the X5T JOSE Header name
a6c8957 
Closes spring-projectsgh-16979

Signed-off-by: Pat McCusker <[email protected]>
@pat-mccusker pat-mccusker linked a pull request May 16, 2025 that will close this issue
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Deprecate the X5T JOSE Header name pat-mccusker/spring-security
2 participants
@jzheaux @pat-mccusker