using the identity url to contain a key fingerprint

Imran Ghory imranghory at gmail.com
Wed May 25 05:09:34 PDT 2005


On 5/24/05, Brad Fitzpatrick <brad at danga.com> wrote:
> [ Security people, sanity-check me..... ]
> 
> Imran,
> 
> Because the key could change, and it'd be a pain for the people running
> the ID server to have to notify all their users to go change their link
> tags.
> 
> But perhaps we could add:
> 
> <link rel='openid.pubkey_signedby' value="93:AC:3A:B8:....." />

I think that's a good idea, as it would allows id servers to sign
their own keys without requiring a third party certificate authority
but still provide a similar level of security.

Imran
--
MSN: tickletux at hotmail.com
AIM: tickletux1


More information about the yadis mailing list