Once more, LJ valid_to timespan.
Brad Fitzpatrick
brad at danga.com
Fri Jul 1 13:55:22 PDT 2005
On Fri, 1 Jul 2005, Paul Crowley wrote:
> Carl Howells wrote:
> > Well, the valid_to field was introduce as a result of this message:
> > <http://lists.danga.com/pipermail/yadis/2005-June/000480.html>
> >
> > In that email, Paul pointed out all the components of the protocol
> > should have explicit expiration times set. Most of it was devoted to
> > talking about (what became) the hmac secret, but he did mention that all
> > identity tokens provided should have explicit expirations as well.
>
> I completely agree with everything you say here! Thanks for putting it
> so eloquently - I've got a barely-started draft message on the subject
> saved because I couldn't work out how to express it.
You'd better figure out a good way to express it, because we've got a
number of people here reading it different ways.
- Brad
More information about the yadis
mailing list