Read the blog article (See link below), The Hard Parts of JWT Security Nobody Talks About. After reading the article, submit a college-level response to the following questions:
Even though symmetric signatures have limitations, can they still be used reliably in an application? If so, under what conditions? If not, why not? Does the use of an Asymmetric signature fully solve the problems associated with symmetric signatures? Should JWT’s always expire? If not, under what circumstances should a JWT not expire? If yes, why? Under what circumstances are each of the cryptographic key management techniques used? In other words, how would one distribute keys?
Article Link: https://www.pingidentity.com/en/company/blog/posts/2019/jwt-security-nobody-talks-about.html
2 Pages
Double Spaced (Times New Roman)
No special format needed, please do a thorough job researching/reading the article.