Request for comments: Sorting fields in signature generation

Josh Hoyt josh at janrain.com
Wed Sep 27 17:46:46 UTC 2006


On 9/27/06, Barry Ferg <barry at sxip.com> wrote:
> This proposal doesn't _force_ anyone to us multiple
> parameters with the same name. I'm in favour of keeping the
> specification flexible by not imposing unnecessary restrictions on
> future extensions to the protocol.

Why require the integers in the Diffie-Hellman exchange to be encoded
as big-endian two's complement instead of allowing multiple different
integer encodings?

Why specify that the text is encoded as UTF-8 instead of allowing
arbitrary encodings?

Why bind it to the HTTP protocol?

These decisions were made to make it easy to implement without
reducing functionality for the cases that the protocol was designed to
cover. Ease of implementation is a design goal for this protocol. If
one alternative would make implementation harder for a significant
part of the target audience and another would not, the choice is clear
to me.

Josh



More information about the specs mailing list