diff --git a/examples/dyn-key.rs b/examples/dyn-key.rs
index d32e526..b3cd277 100644
--- a/examples/dyn-key.rs
+++ b/examples/dyn-key.rs
@@ -86,7 +86,7 @@ fn main() -> Result<(), Box<dyn std::error::Error>> {
     let hdr = token.header();
     let jwk = hdr.key().unwrap();
     let key: rsa::pkcs1v15::VerifyingKey<Sha256> =
-        rsa::pkcs1v15::VerifyingKey::new(rsa::RsaPublicKey::from_jwk(&jwk).unwrap());
+        rsa::pkcs1v15::VerifyingKey::new(rsa::RsaPublicKey::from_jwk(jwk).unwrap());
 
     println!("=== Verification === ");
     // Check it against the verified key
diff --git a/src/algorithms/ecdsa.rs b/src/algorithms/ecdsa.rs
index 197bc1f..295ca60 100644
--- a/src/algorithms/ecdsa.rs
+++ b/src/algorithms/ecdsa.rs
@@ -427,7 +427,7 @@ mod test {
         let signature: ::ecdsa::Signature<NistP256> = key.sign_token(&header, &payload);
         eprintln!("sig: {:?}", signature.to_bytes().as_slice());
 
-        let verify = key.verifying_key().clone();
+        let verify = *key.verifying_key();
         assert_eq!(ecpkey.to_public_key().unwrap(), (&verify).into());
 
         TokenVerifier::<ecdsa::Signature<NistP256>>::verify_token(
diff --git a/src/jose/mod.rs b/src/jose/mod.rs
index c4674cb..2e73472 100644
--- a/src/jose/mod.rs
+++ b/src/jose/mod.rs
@@ -182,13 +182,12 @@ impl<H> Header<H, UnsignedHeader> {
     }
 
     /// Construct the JOSE header from the builder and signing key.
-    pub(crate) fn into_signed_header<A, S>(
+    pub(crate) fn into_signed_header<A>(
         self,
         key: &A,
     ) -> Result<Header<H, SignedHeader>, signature::Error>
     where
         A: DynJsonWebAlgorithm + SerializePublicJWK + ?Sized,
-        S: SignatureEncoding,
     {
         let state = SignedHeader {
             algorithm: key.identifier(),
diff --git a/src/token/mod.rs b/src/token/mod.rs
index 45c2c52..eac8a20 100644
--- a/src/token/mod.rs
+++ b/src/token/mod.rs
@@ -432,7 +432,7 @@ where
         A: crate::algorithms::TokenSigner<S> + ?Sized,
         S: SignatureEncoding,
     {
-        let header = self.state.header.into_signed_header::<A, S>(algorithm)?;
+        let header = self.state.header.into_signed_header(algorithm)?;
         let headers = Base64JSON(&header).serialized_value()?;
         let payload = self.payload.serialized_value()?;
         let signature = algorithm
@@ -450,6 +450,7 @@ where
     }
 
     /// Sign this token using the given algorithm, and a random number generator.
+    #[allow(clippy::type_complexity)]
     pub fn sign_randomized<A, S>(
         self,
         algorithm: &A,
@@ -459,7 +460,7 @@ where
         A: crate::algorithms::RandomizedTokenSigner<S> + ?Sized,
         S: SignatureEncoding,
     {
-        let header = self.state.header.into_signed_header::<A, S>(algorithm)?;
+        let header = self.state.header.into_signed_header(algorithm)?;
         let headers = Base64JSON(&header).serialized_value()?;
         let payload = self.payload.serialized_value()?;
         let signature = algorithm