Proposed Specification for New Consumer-Server Commnunications
Brad Fitzpatrick
brad at danga.com
Thu Jun 9 15:39:44 PDT 2005
On Thu, 9 Jun 2005, Paul Crowley wrote:
> Brad Fitzpatrick wrote:
> > I'd like to call it "shared_secret" to distinguish from the server-only
> > secrets, and to make it more clear that both parties have that
> > shared_secret.
>
> I slightly prefer mac_secret, since it's possible to imagine that future
> protocols might include other secrets. Or come to think of it, mac_key,
> which is even more straightforward and even shorter.
>
> Thanks for continuing to push for this sort of thing, it's making a
> better protocol in a way that will last. Brad, you let us know when
> you're tired of changing your Perl code and we'll call a halt to it :-)
You have 1 week and 3 days, then it's frozen. (when I get back from
Europe)
At that time, on Monday morning Jun 20th US/Pacific, I'll click forward
through the diffs on the wiki and implement what's there. (Assuming
nothing's confusing or controversial...)
> > I don't like gx and gy either. server_public and consumer_public sound
> > great.
>
> Done. Also done the POST thing.
I should reply to emails after I've read all my existing inbox. Cool.
You guys should start a new thread and debate error handling next. (error
handling that's not security-related, but server-error/config related)
- Brad
More information about the yadis
mailing list