It turns out, we don't need permission from the IETF to use PASETO in the real world (i.e. OAuth2). This is fortunate, because it's unlikely for them to accept a JWT alternative in the first place, no matter how doomed their christened standard may be.
Based on the feedback we've already received from security and cryptography experts around the world, this is simple and usable enough to use in the real world. So there's no point in delaying a stable release any further.
The documentation and reference implementation have been updated with some feedback from the RFC review process (i.e. optional footer handling).
Protocol changes:
None. We're quite happy with the way Paseto is currently designed.
PHP Library Changes:
- If you pass a footer as the third argument, it will be compared against the token's footer using strict constant-time equality. Otherwise, the footer will be stripped from the token and decoded from base64.
Documentation Changes:
- Handling optional footers is less strict, as per RFC draft feedback.
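As an added illustration of the two footer-handling modes described above (strict constant-time comparison when an expected footer is supplied, strip-and-decode otherwise), here is a small stand-alone Python sketch. It is not the PHP library's code and does not call its API; it only models the `version.purpose.payload[.footer]` layout with unpadded base64url parts. The payload bytes are a constructed dummy, not a real encrypted PASETO payload, and the function names are this example's own.

```python
import base64
import hmac
from typing import Optional, Tuple


def b64url_decode(s: str) -> bytes:
    # PASETO parts are unpadded base64url; restore padding before decoding
    pad = "=" * (-len(s) % 4)
    return base64.urlsafe_b64decode(s + pad)


def b64url_encode(b: bytes) -> str:
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode("ascii")


def split_token(token: str) -> Tuple[str, str, str, bytes]:
    """Split 'version.purpose.payload[.footer]'.

    The footer is returned decoded; it is empty bytes when the token has
    no fourth part.
    """
    parts = token.split(".")
    if len(parts) not in (3, 4):
        raise ValueError("malformed token: expected 3 or 4 dot-separated parts")
    version, purpose, payload = parts[0], parts[1], parts[2]
    footer = b64url_decode(parts[3]) if len(parts) == 4 else b""
    return version, purpose, payload, footer


def check_footer(token: str, expected: Optional[bytes] = None) -> bytes:
    """Model of the two modes in the release note (example logic, not the library).

    expected given -> constant-time compare against the decoded footer,
                      raise on mismatch (so a wrong footer never reaches
                      the decrypt/verify step).
    expected None  -> just strip and return the decoded footer so the
                      caller can inspect it (e.g. to pick a key id).
    """
    _, _, _, footer = split_token(token)
    if expected is not None:
        # hmac.compare_digest is the constant-time comparison; it also
        # returns False for differing lengths without short-circuiting early
        if not hmac.compare_digest(footer, expected):
            raise ValueError("footer mismatch")
    return footer


def build_demo_token(footer: bytes = b"") -> str:
    # Constructed sample token: the payload is 16 zero bytes standing in
    # for ciphertext, purely so the footer handling can be exercised.
    token = "v2.local." + b64url_encode(b"\x00" * 16)
    if footer:
        token += "." + b64url_encode(footer)
    return token


if __name__ == "__main__":
    t = build_demo_token(b'{"kid":"demo"}')
    print(t)
    print(check_footer(t))                      # strip-and-decode mode
    print(check_footer(t, b'{"kid":"demo"}'))   # strict mode, matches
```

In strict mode the comparison happens before any cryptographic operation on the payload, which is why the footer argument is worth passing whenever the verifier already knows what the footer must contain.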