I was looking at this:
https://github.com/funcool/buddy-sign/blob/master/src/buddy/sign/compact.clj#L118
What is the purpose of salt here? The only possible use for salt I could imagine is to use it as a nonce, by storing the salts you've received recently, so as to prevent replay attacks. But the unsign function doesn't really expose it, so you need to cut it out yourself from the string. Otherwise this adds no security; the HMAC and other signing algos are secure as is.
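The nonce use of a salt raised in the question above, as an added sketch that is not buddy-sign's code: the verifier returns the payload only after checking the HMAC, the age, and a cache of recently seen salts. The token layout (`payload:salt:timestamp:tag`), the names `sign` and `ReplayGuard`, and the 60-second window are assumptions made for this illustration.

```python
import base64, hashlib, hmac, os, time

def _b64(raw: bytes) -> bytes:
    return base64.urlsafe_b64encode(raw).rstrip(b"=")

def sign(payload: bytes, key: bytes, now=None) -> bytes:
    """Hypothetical layout: b64(payload):b64(salt):timestamp:b64(hmac)."""
    salt = os.urandom(8)  # fresh per message, covered by the HMAC
    ts = str(int(time.time() if now is None else now)).encode()
    body = b":".join([_b64(payload), _b64(salt), ts])
    return body + b":" + _b64(hmac.new(key, body, hashlib.sha256).digest())

class ReplayGuard:
    """Verifier that treats the signed salt as a nonce."""
    def __init__(self, key: bytes, max_age: int = 60):
        self.key, self.max_age = key, max_age
        self.seen = {}  # salt -> timestamp of the token that carried it

    def unsign(self, token: bytes, now=None) -> bytes:
        now = time.time() if now is None else now
        body, _, tag = token.rpartition(b":")
        expected = _b64(hmac.new(self.key, body, hashlib.sha256).digest())
        if not hmac.compare_digest(tag, expected):
            raise ValueError("bad signature")
        # Only parse fields after the HMAC has authenticated them.
        payload_b64, salt, ts = body.split(b":")
        if now - int(ts) > self.max_age:
            raise ValueError("expired")
        # Salts of expired tokens can be dropped: the age check rejects
        # those tokens anyway, so the cache stays bounded by the window.
        self.seen = {s: t for s, t in self.seen.items()
                     if now - t <= self.max_age}
        if salt in self.seen:
            raise ValueError("replayed")
        self.seen[salt] = int(ts)
        pad = b"=" * (-len(payload_b64) % 4)
        return base64.urlsafe_b64decode(payload_b64 + pad)
```

Without the timestamp bound the salt cache would have to grow forever, which is why the two checks are paired here.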