readme: add ci badge and goals clarification

As everyone is aware, you don't need JWTs for OAuth. However, OIDC
requires them, which is a main target, alongside almost every non-OIDC
(unfortunately) using JWT.

Furthermore, despite being labeled under "signatures" in the standard,
MACs aren't a goal in this library.
main
Aydin Mercan 2021-12-04 12:12:13 +03:00
parent fbf3f89bcc
commit fa79a9a7bc
No known key found for this signature in database
1 changed files with 4 additions and 2 deletions

@ -1,5 +1,7 @@
# Dumb JOSE
[![github-action](https://github.com/aydinmercan/dumb-jose/actions/workflows/test.yaml/badge.svg)](https://github.com/aydinmercan/dumb-jose/actions/workflows/test.yaml)
Insecure library for a set of insecure formats.
It aims to provide inflexible verification for cases where you unfortunately can't avoid touching JWT.
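Review bot: The badge line added under `# Dumb JOSE` has no `branch` query, so it only implicitly reports the default branch's status. Appending `?branch=main` to the `badge.svg` URL would make explicit which branch the badge speaks for and keep it stable if the default branch ever changes.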
@ -14,7 +16,7 @@ Likewise, you shouldn't need me to tell you that you shouldn't use this library.
## Goals
* Just enough JWT for people to speak commonly encountered OAuth 2.0 and alike.
* Just enough JWT for people to speak commonly encountered OAuth 2.0 (esp. with OIDC) and alike.
* Don't allow for any of the sharp edges.
* Allow for binding domain parameters as much as possible to the public keys.
* Extensive test coverage even if a particular case seems pedantic, guaranteed to be handled properly and/or improbable to be problematic.
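Review bot: In the changed first bullet under `## Goals`, "(esp. with OIDC) and alike" leaves the scope open-ended and drops the reason given in the commit message, namely that OIDC requires JWT while OAuth itself does not. Consider spelling out OpenID Connect on first use and replacing "and alike" with the concrete cases the verifier is meant to cover, so that the "Don't allow for any of the sharp edges" bullet below it has a defined boundary.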
@ -22,7 +24,7 @@ Likewise, you shouldn't need me to tell you that you shouldn't use this library.
## Non-Goals
* Signing capabilities.
* Anything that has to do with encryption or key exchange.
* Anything that has to do with encryption, key exchange or MACs.
* Be 100% compliant with the standard.
## License
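Review bot: The changed bullet under `## Non-Goals` puts MACs out of scope but does not say what the library does when it is handed a token whose algorithm is a MAC. Since the README promises inflexible verification, state that such tokens are rejected outright, and carry over the commit message's remark that the standard files MACs under "signatures", because that is why a reader would otherwise expect them to be supported.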