Friday, August 15, 2014

Learn JOSE and become a better Web Service Developer

The work around OAuth2 and JOSE in particular has inspired me.

So much that I've ordered several books from Amazon.co.uk - and it's been quite a while since the idea of buying a book occurred to me; and several books in the age of Google ? - see, it did inspire me.

Sometimes we the developers think that we know all and if not all then we think we won't need that extra piece of knowledge, being the experts we are. The software engineering is not easy. We have the deadlines and our regular work to be well taken care of. No time for reading the books: the more busier and older we become the less time we have.

This is why I like OAuth2 and JOSE. JOSE, specifically, is a very fine effort, it represents a set of nicely aligned specifications tackling the various issues related to signing and encrypting the arbitrary payloads and using simple and effective JSON metadata to describe the signature and encryption operations. It's led by the people who understand what they do. JOSE deals only with the best/most trusted/most understood signature and encryption algorithms. It's a set of 'books' about the latest in the cryptography.

It is already starting and will affect the way we do secure HTTP services. I already claimed it in the earlier post about OAuth2 and repeat it again here.

Learn JOSE, understand it, start using it, become a better engineer !

No comments: