Andrew Baxter

Ah... ring limitations. https://github.com/briansmith/ring/issues/579 and confirmed in https://github.com/breard-r/acmed/issues/2#issuecomment-505802712

Partially solved: https://github.com/briansmith/ring/issues/1161 (RSA)

It looks like it's pretty easy to get the ecdsa public key coords, if uncompressed it's just 1 byte past the public key start. https://datatracker.ietf.org/doc/html/rfc5480#section-2.2 with a hint in https://datatracker.ietf.org/doc/html/rfc7518#section-6.2.1.2...

FWIW Caddy doesn't support Ed25519 either: https://github.com/mholt/acmez/blob/422d0ad3b73253c35dc2b9d0be29ad55385df3ff/examples/attestation/main.go#L268

Awesome, and thanks for the comments! Sorry, I didn't quite get to this today. I'll try to do it tomorrow.

> It would also need a README update I added a (very simple) example to the readme, let me know if there's other additions you think would be good.

My (limited) real world testing worked.

Keep them separate but just change the target? Or should I combine them all? Aside from loading urlsafe base64 hmacs I don't think I have any others incoming

@randomairborne do you have any use cases you could try it with? I looked at various acme libraries and they all seemed to be doing their own jwt stuff (and...

Okay, great!