
I don't understand why you need the alg property at all. I mean, you are the one issuing the token so you definitely know what algorithm is used in the back-end. Why is this necessary?


If you change your algorithm, your old tokens are still usable because you know which algorithm was used to create them.


Would it not be possible to establish a period to migrate all tokens? This "if you change it in a possible future" is not a good argument when modeling something, in my opinion. That's how AbstractFactoryStrategies are made.


That sounds like a very niche case, probably not worth solving. That said, the JWT lib could allow you to specify one or more fallback algorithms in case the default one fails to validate.

If you're switching off an algorithm, you're probably doing it because it's been broken. And, if it's broken, you won't use it anyway.


As the issues described in TFA make clear, the verifier really should know the algorithm in order to verify completely. However, since this format allows various algorithms, the algorithm must be recorded somewhere, especially in the public-key scenario when the verifier is probably not the signer.
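The point made in the two comments above (the verifier, not the token, should decide which algorithm is acceptable, with an explicit allow-list during a migration window) can be shown in a small verifier. The following is an added example written for this thread, not code from the linked article or from any JWT library; the names (`issue`, `verify`, `check`, `DEMO_KEYS`) and the demo keys are this example's own constructions. It covers the HMAC family (HS256/HS384/HS512) only, and selects both the digest and the key from the verifier's own configuration; the header's `alg` is merely matched against the permitted set, never used to pick a verification routine on its own.

```python
import base64
import hashlib
import hmac
import json

# Hypothetical verifier for the HMAC family of JWT algorithms. Every name here
# is this example's own, not any library's API.
HMAC_DIGESTS = {"HS256": hashlib.sha256, "HS384": hashlib.sha384, "HS512": hashlib.sha512}

# Constructed demo keys, one per algorithm the verifier is currently willing to accept.
DEMO_KEYS = {
    "HS512": b"constructed-current-key-not-for-real-use",
    "HS256": b"constructed-legacy-key-not-for-real-use",
}


def _b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def _json_b64(obj: dict) -> str:
    return _b64url_encode(json.dumps(obj, separators=(",", ":")).encode())


def issue(payload: dict, alg: str, key: bytes, header_alg: str = "") -> str:
    """Sign a payload with one of the HMAC algorithms. header_alg lets the demo
    construct tokens whose header claims something other than the algorithm used."""
    header = {"alg": header_alg or alg, "typ": "JWT"}
    signing_input = f"{_json_b64(header)}.{_json_b64(payload)}"
    sig = hmac.new(key, signing_input.encode("ascii"), HMAC_DIGESTS[alg]).digest()
    return f"{signing_input}.{_b64url_encode(sig)}"


class TokenRejected(Exception):
    pass


def verify(token: str, keys: dict, permitted: tuple) -> dict:
    """Verify a token. The verifier decides which algorithms are acceptable:
    the header's alg is matched against `permitted`, and the key and digest
    come from the verifier's own configuration, not from the token."""
    parts = token.split(".")
    if len(parts) != 3:
        raise TokenRejected("malformed token")
    header_b64, payload_b64, sig_b64 = parts
    try:
        header = json.loads(_b64url_decode(header_b64))
        payload = json.loads(_b64url_decode(payload_b64))
        sig = _b64url_decode(sig_b64)
    except ValueError as exc:  # covers base64, UTF-8 and JSON decoding failures
        raise TokenRejected(f"undecodable token: {exc}")
    if not isinstance(header, dict):
        raise TokenRejected("header is not a JSON object")
    alg = header.get("alg")
    if alg not in permitted or alg not in keys or alg not in HMAC_DIGESTS:
        # Covers "none", unknown algorithms, and algorithms retired after a migration.
        raise TokenRejected(f"alg {alg!r} not permitted")
    expected = hmac.new(keys[alg], f"{header_b64}.{payload_b64}".encode("ascii"),
                        HMAC_DIGESTS[alg]).digest()
    if not hmac.compare_digest(expected, sig):
        raise TokenRejected("signature mismatch")
    return payload


def check(token: str, keys: dict = DEMO_KEYS, permitted: tuple = ("HS512", "HS256")) -> tuple:
    """Convenience wrapper returning (accepted, payload_or_reason)."""
    try:
        return True, verify(token, keys, permitted)
    except TokenRejected as exc:
        return False, str(exc)


if __name__ == "__main__":
    current = issue({"sub": "alice"}, "HS512", DEMO_KEYS["HS512"])
    legacy = issue({"sub": "bob"}, "HS256", DEMO_KEYS["HS256"])
    print(check(current))                        # accepted: HS512 is the current algorithm
    print(check(legacy))                         # accepted during the migration window
    print(check(legacy, permitted=("HS512",)))   # rejected once HS256 is retired
    # A header claiming an algorithm the verifier does not permit is rejected before
    # any signature check, whatever the rest of the token contains.
    print(check(issue({"sub": "eve"}, "HS256", b"x", header_alg="none")))
```

The migration the earlier comments discuss is the `permitted` tuple: while both entries are present, tokens issued under the old algorithm still validate against their own key; dropping `"HS256"` from the tuple retires them without touching the verifier code. Because the key is looked up by the verifier's own algorithm entry, a token whose header names a different algorithm than it was signed with fails the signature comparison rather than being verified under the wrong key.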


Thanks.

OT but what does TFA stand for? I've seen you use it in two threads and I presume it's referring to the posted article in question but I can't figure out the actual meaning.


The F*ing Article... probably evolved from RTFM. Hacker culture, so warm and welcoming, isn't it?


That usage was deprecated by RFC19647. The correct definition is now 'The Featured Article'.


The abbreviation gives some plausible deniability - it could be "the fine article"!


I've usually seen it as The Fine Article, but tastes vary. b^)



