Insights and release announcements
Blog
-
Multi-level defence against invalid curve attacks
Multi-level defence against invalid curve attacks
Reliable defences work on multiple levels. The latest release of the Nimbus JOSE + JWT library adds an extra protection against invalid curve attacks by preventing construction and parsing of public EC JSON Web Keys whose...
JOSERead article -
Connect2id server 6.6.1 maintenance release
Connect2id server 6.6.1 maintenance release
This is a small maintenance release of the Connect2id server. Summary: Fixes client_secret provisioning...
Connect2id serverRead article -
Nimbus JOSE+JWT 4.35 deprecates use of SHA-1 and RSA encryption with PKCS1v1.5 padding
Nimbus JOSE+JWT 4.35 deprecates use of SHA-1 and RSA encryption with PKCS1v1.5 padding
Deprecates use of SHA-1 CWI and Google’s announcement of a practical technique for producing SHA-1 collisions served...
JOSERead article -
New OAuth spec for TLS client authentication with X.509 certificate
New OAuth spec for TLS client authentication with X.509 certificate
Brian Campbell and other members of the OAuth WG published a new spec for letting clients authenticate with TLS and a...
Connect2id serverRead article -
Connect2id server 6.6 eases migration of data between instances
Connect2id server 6.6 eases migration of data between instances
This new release of the Connect2id server makes the job of migrating data between instances much safer and easier....
Connect2id serverRead article -
Connect2id server 6.5
Connect2id server 6.5
Single use of tokens is now also supported by the standard inspection endpoint The standard token inspection endpoint...
Connect2id serverRead article -
Improved claims and access token lifecycle support in Connect2id server 6.4
Improved claims and access token lifecycle support in Connect2id server 6.4
This release of the OpenID Connect server introduces a number of small but useful new features. Define your own scope...
Connect2id serverRead article -
Hardware Security Module (PKCS#11) support in Connect2id server 6.3
Hardware Security Module (PKCS#11) support in Connect2id server 6.3
The Connect2id server can now utilise Hardware Security Modules (HSM) for signing issued identity and access tokens....
Connect2id serverRead article -
Connect2id server 6.2 makes it easier to implement stateless login / consent front-ends
Connect2id server 6.2 makes it easier to implement stateless login / consent front-ends
This new release of the OpenID Connect / OAuth 2.0 server makes it easier to implement nible stateless UIs on top of...
Connect2id serverRead article -
Certified OpenID Connect provider server
Certified OpenID Connect provider server
Last week the [Connect2id server](/products/server) received certification for all standard [OpenID...
Connect2id serverRead article -
Connect2id server 5.0.5 adds metrics for Redis backends
Connect2id server 5.0.5 adds metrics for Redis backends
Connect2id server 5.x received an update to enable retrieval of key metrics on Redis client connection pool usage. If...
Connect2id serverRead article -
Connect2id server 6.1.2 maintenance release
Connect2id server 6.1.2 maintenance release
This is a quick maintenance release of the Connect2id server before we head into the holidays. What’s in it: UTF8...
Connect2id serverRead article -
Connect2id server 6.1.1 maintenance release
Connect2id server 6.1.1 maintenance release
We’re ending November with a small maintenance release of the Connect2id server that updates Infinispan and a number...
Connect2id serverRead article