>The site http://code.google.com/p/webfinger/wiki/WebFingerProtocol >already explains how this gets safely encoded. See the example. I'm not concerned about figuring out how to do it, actually; my point was rather that it's already possible, so *we* shouldn't be seeing it as much of a problem. -Shade