paul at ciphergoth.org
Mon Jun 6 01:22:09 PDT 2005
Jean-Luc Delatre wrote:
> *Where* is the need to parse back the signed string?
Whoops, I mistook the bit you were replying to. Consumers need to parse
the reply to get_authkey requests.
Dumb consumers need to parse the replies to check_authentication
requests, but I'm increasingly thinking this should be simpler - after
all, they're dumb, right? So perhaps we should just send back a number
which is a lifespan in seconds, with "0" meaning "denied". If the need
arises for more information to be available, the dumb consumers can
always add a field to indicate that they can handle it.
\/ o\ Paul Crowley, paul at ciphergoth.org
More information about the yadis