using the identity url to contain a key fingerprint

Imran Ghory imranghory at
Wed May 25 05:09:34 PDT 2005

On 5/24/05, Brad Fitzpatrick <brad at> wrote:
> [ Security people, sanity-check me..... ]
> Imran,
> Because the key could change, and it'd be a pain for the people running
> the ID server to have to notify all their users to go change their link
> tags.
> But perhaps we could add:
> <link rel='openid.pubkey_signedby' value="93:AC:3A:B8:....." />

I think that's a good idea, as it would allows id servers to sign
their own keys without requiring a third party certificate authority
but still provide a similar level of security.

MSN: tickletux at
AIM: tickletux1

More information about the yadis mailing list