[keycloak-dev] JWS sizes

Wednesday, 22 March 2017

FYI,

Signature for RSA-Sha-256 for JWS is 172 bytes.  The Header of the JWS 
is minimally 20 extra bytes.  Can be more depending on additional 
headers (kid, typ, cty).  Wanted to state these numbers as they effect 
if we want to use a cookie to store session information instead of 
within a ClientSessionModel on the auth server, or HttpSession on 
clients/apps.  Supposedly cookie storage is limited to 4k per domain, so 
we're immediately starting 200 bytes (5%) in the hole.

Bill

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

[keycloak-dev] JWS sizes