<div>I believe that Blogger, as an RP, would want/need to retrieve and cache any avatar image data. The reasons are quadrifold, at least:</div><div><br></div><div>1. This lets the RP push the bits through a munger to prevent well known IE-specific cross site scripting attacks;</div>
<div>2. This lets the RP do downsampling/sanity filtering so as to avoid craziness like someone supplying a 1600x3200 pixel image for their thumbnail picture, thus dragging overall page loading time into the mud;</div><div>
3. In our case, we have a very good edge caching system but we have no guarantee that the OP does or wants to be hit with a firehose on a popular page;</div><div>4. In our case, our avatar images are actually stored as they were at the time of the associated blog post / comment. Thus if you turn your image green to support a certain political movement, and post with that green image, it will remain green even years later in our archives even if the most current avatar is no longer green. There's no reliable way to do this without caching the bits.</div>
<div><br></div><div>(I should also note that I'm no longer working full time on Blogger, but am working full time on Salmon - <a href="http://salmon-protocol.org">http://salmon-protocol.org</a> - and related projects; this is just MHO based on past experience, not a statement on behalf of Blogger.)</div>
<br clear="all">--<br>John Panzer / Google<br><a href="mailto:jpanzer@google.com">jpanzer@google.com</a> / <a href="http://abstractioneer.org">abstractioneer.org</a> / @jpanzer<br><br>
<br><br><div class="gmail_quote">On Thu, Dec 10, 2009 at 9:14 PM, SitG Admin <span dir="ltr"><<a href="mailto:sysadmin@shadowsinthegarden.com">sysadmin@shadowsinthegarden.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
<div class="im"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
I think I messed the double negative above: I meant everything except<br>
explicit APIs with support SLAs are liable to change.<br>
</blockquote>
<br></div>
As a cheaper (but less geek-friendly) solution, couldn't Relying Parties have JS to read the "image" data *and* (before loading/running it) instructing the user's browser to hash it, seeing if it matched the "clean" value a RP had generated/stored/displayed for it after confirming that it was safe? If not, the browser could be instructed to (alternatively) display a generic "this user has a new icon that has not yet been checked" profile image instead.<br>
<br>
-Shade<div><div></div><div class="h5"><br>
_______________________________________________<br>
specs mailing list<br>
<a href="mailto:specs@lists.openid.net" target="_blank">specs@lists.openid.net</a><br>
<a href="http://lists.openid.net/mailman/listinfo/openid-specs" target="_blank">http://lists.openid.net/mailman/listinfo/openid-specs</a><br>
</div></div></blockquote></div><br>