validating DSA keys

Brad Fitzpatrick brad at
Tue May 17 10:00:02 PDT 2005

As I mentioned in my previous mail, I'm not sure I'm sending the DSA
signatures back to the redirect_to page in the canonical format.  I'm just
copying what TypeKey does.

I'm down for changing it if somebody tells me the right way to do it, but
in the meantime, you can see how to validate the signatures in a bunch of

Everything TypeKey:  (search for "Client Libraries)
  .. Perl, PHP, ASP.Net, Python, Java, Ruby.

But our public keys aren't in the format those libraries want, so I
added a new "yadis.fmt" option to the _mode=getpubkey:

In PEM format (default):

In integers:

In addition to deciding what format(s) we should recommend, what about GET
parameters?  Thoughts on pre-pending "yadis." to them, to avoid trampling
parameters the app might already be using?

- Brad

More information about the yadis mailing list