diff --git a/index.js b/index.js
index 680f139..69a8907 100644
--- a/index.js
+++ b/index.js
@@ -388,6 +388,7 @@ function unpackJWS(signature, callback) {
   const payload = jsonParse(parts.payload);
   if (!payload)
     return callback(makeError('jws-payload-parse'));
+  payload.header = parts.header;
   return callback(null, payload)
 }
 
@@ -457,9 +458,10 @@ function fullValidateSignedAssertion(signature, callback) {
       return getLinkedResources(structures, callback);
     },
     function verifySignature(resources, callback) {
+      var algorithm = data.structures.assertion.header.alg;
       data.resources = resources;
       const publicKey = resources['assertion.verify.url'];
-      if (!jws.verify(signature, publicKey))
+      if (!jws.verify(signature, algorithm, publicKey))
         return callback(makeError('verify-signature'))
       return callback(null, resources);
     },
diff --git a/package.json b/package.json
index 81ba746..5cfce14 100644
--- a/package.json
+++ b/package.json
@@ -11,11 +11,11 @@
     "dataurl": "~0.1.0",
     "request": "~2.14.0",
     "async": "~0.2.5",
-    "jws": "0.2.2",
+    "jws": "~3.1.0",
     "deep-equal": "0.0.0"
   },
   "devDependencies": {
-    "nock": "~0.22.1",
+    "nock": "~1.0.0",
     "tap": "~0.4.0",
     "underscore": "~1.5.1",
     "sinon": "~1.7.3",
diff --git a/test/validator-remote.test.js b/test/validator-remote.test.js
index 6fec15f..ad1417a 100644
--- a/test/validator-remote.test.js
+++ b/test/validator-remote.test.js
@@ -133,7 +133,7 @@ test('validator.unpackJWS: bad payload', function (t) {
 });
 
 test('validator.unpackJWS: everything good', function (t) {
-  const expect = {sup: 'lol'};
+  const expect = {sup: 'lol', header: { alg: 'rs256' }};
   const signature = jws.sign({
     header: { alg: 'rs256' },
     payload: expect,