validating DSA keys
Brad Fitzpatrick
brad at danga.com
Tue May 17 10:00:02 PDT 2005
As I mentioned in my previous mail, I'm not sure I'm sending the DSA
signatures back to the redirect_to page in the canonical format. I'm just
copying what TypeKey does.
I'm down for changing it if somebody tells me the right way to do it, but
in the meantime, you can see how to validate the signatures in a bunch of
languages:
Everything TypeKey: (search for "Client Libraries)
http://typekey.torrez.org/guide/show/HomePage
.. Perl, PHP, ASP.Net, Python, Java, Ruby.
But our public keys aren't in the format those libraries want, so I
added a new "yadis.fmt" option to the _mode=getpubkey:
In PEM format (default):
http://www.livejournal.com/misc/yadis.bml?_mode=getpubkey
In integers:
http://www.livejournal.com/misc/yadis.bml?_mode=getpubkey&yadis.fmt=integers
In addition to deciding what format(s) we should recommend, what about GET
parameters? Thoughts on pre-pending "yadis." to them, to avoid trampling
parameters the app might already be using?
- Brad
More information about the yadis
mailing list