HackerTrans
TopNewTrendsCommentsPastAskShowJobs

There's no good reason for signing webhooks(speakeasy.com)

18 points·by mfbx9da4·2 anni fa·3 comments
speakeasy.com
There's no good reason for signing webhooks

https://www.speakeasy.com/post/no-good-reason-for-signing-webhooks

3 comments

wlockiv·2 anni fa
I think it's fair to describe the need for signing as a lemming. However, I wonder why the initial evangelists of this standard (that is, in our current post-http era) chose signing instead of API Keys.

So often these kinds of things are a reaction to some negative experience.
mfbx9da4·2 anni fa
I would be curious too. I think it comes down to the benefits are there and they're cheap enough that they may as well recommend a more secure approach.
mfbx9da4·2 anni fa
Hey, author here. Pleasure to work on this article. I'd welcome strong opinions :-)