Individual JWT Secrets - Key not authorized:signature is invalid

Thanks for the quick reply.


Regarding the secret, I have to say that not supporting base64 encoded secrets weakens the security of the JWS token signature, because now the secret used to sign the JWS needs to have printable characters only, while with base64 encoded secrets the secret can contain non-printable characters.

So not supporting base64 encoded secrets to allow for a secret to be encoded from its binary form means losing around 25% of its entropy, and it is therefore more vulnerable to brute force attacks.
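Added example, not part of the original post and not any product's own code: a minimal HS256 sign/verify in Python showing that a token signed with the base64-decoded key bytes fails verification when the verifier uses the base64 text itself as the key, plus the entropy ceiling for a 32-character secret over the 64-symbol base64 alphabet versus 32 arbitrary bytes. The secret, claims and helper names are constructed for illustration.

```python
import base64
import hashlib
import hmac
import json
import math


def b64url(data: bytes) -> str:
    """Unpadded base64url, as used for JWS segments."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def sign_hs256(claims: dict, key: bytes) -> str:
    """Build a compact JWS signed with HMAC-SHA256."""
    header = b64url(json.dumps({"alg": "HS256", "typ": "JWT"}, separators=(",", ":")).encode())
    payload = b64url(json.dumps(claims, separators=(",", ":")).encode())
    signing_input = f"{header}.{payload}"
    sig = hmac.new(key, signing_input.encode(), hashlib.sha256).digest()
    return f"{signing_input}.{b64url(sig)}"


def verify_hs256(token: str, key: bytes) -> bool:
    """Recompute the HMAC over header.payload and compare in constant time."""
    signing_input, _, sig = token.rpartition(".")
    expected = b64url(hmac.new(key, signing_input.encode(), hashlib.sha256).digest())
    return hmac.compare_digest(expected, sig)


def max_entropy_bits(length: int, alphabet_size: int) -> float:
    """Upper bound on entropy of a uniformly random secret of this length."""
    return length * math.log2(alphabet_size)


# Constructed sample: 32 non-printable key bytes, stored as base64 text.
STORED_SECRET = base64.b64encode(bytes(range(0x80, 0xA0))).decode()
KEY_DECODED = base64.b64decode(STORED_SECRET)  # issuer decodes before signing
KEY_LITERAL = STORED_SECRET.encode()           # verifier uses the text as-is

TOKEN = sign_hs256({"sub": "example-user"}, KEY_DECODED)

if __name__ == "__main__":
    print("verify with decoded key:", verify_hs256(TOKEN, KEY_DECODED))
    print("verify with literal key:", verify_hs256(TOKEN, KEY_LITERAL))
    binary_bits = max_entropy_bits(32, 256)
    text_bits = max_entropy_bits(32, 64)
    print(f"32 raw bytes: {binary_bits:.0f} bits, 32 base64 chars: {text_bits:.0f} bits")
    print(f"reduction: {1 - text_bits / binary_bits:.0%}")
```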