Once more, LJ valid_to timespan.

Paul Crowley paul at ciphergoth.org
Fri Jul 1 13:47:11 PDT 2005

Carl Howells wrote:
> Well, the valid_to field was introduce as a result of this message:
> <http://lists.danga.com/pipermail/yadis/2005-June/000480.html>
> In that email, Paul pointed out all the components of the protocol 
> should have explicit expiration times set.  Most of it was devoted to 
> talking about (what became) the hmac secret, but he did mention that all 
> identity tokens provided should have explicit expirations as well.

I completely agree with everything you say here!  Thanks for putting it 
so eloquently - I've got a barely-started draft message on the subject 
saved because I couldn't work out how to express it.
\/ o\ Paul Crowley, paul at ciphergoth.org
/\__/ http://www.ciphergoth.org/

More information about the yadis mailing list