Hi,
Just a question about validation of signature token using ESS algorithm.
Is it normal to reject a signature made with a certificate of a different ECDSA while standard Java signature verification allow it ?
In other words jwt.io debugger says:
ESS256 is ok with certificat ECDSA-256 but ko with ECDSA-384 or ECDSA-512
ESS384 is ok with certificat ECDSA-384 but ko with ECDSA-256 or ECDSA-512
ESS512 is ok with certificat ECDSA-512 but ko with ECDSA-256 or ECDSA-384
Thanks for your explanation
François