Some potential improvements for the OpaqueSigner interface

[CallMeZhou]

1. The main purpose of OpaqueSigner is to sign payloads. Why does it have to implement a Public() method? Public key is irrelevant to signing itself, but is for verification. (if the Public() is not required in all use cases, please document when it can be ignored.)
2. The SignPayload method doesn't accept context argument. What if the real signer is working remotely (i.e., Azure Key Vault)? Even a locally installed encryptor hardware should be regarded as a "remote device" from software's perspective. (just in my opinion)
3. The documents of OpaqueSigner provides too little information. It would be better if it had some usage examples, in what cases will a method be called for what purposes, some precautions, and etc.

[CallMeZhou]

Now I see why "Public()". It's for embedding the public key in the JWT header. Makes sense but still should be documented --- I didn't understand it until I read a big part of the source code.

(I found the answer in genericSigner.Sign())

[jsha]

Also Public() is part of the standard library crypto.Signer interface.