Hi David and Pacheco, Currently the signed request specifies the file: pub. 1199819524.-1556113204990931254.cer
This is located at http://sandbox.orkut.com/46/o/pub.1199819524.-1556113204990931254.cer - sorry that this isn't documented anywhere; I'll be working on getting instructions pushed out. Keep in mind that you should not fetch this key on each request - pull it once and index it in a cache somewhere. If the key ever changes, the file specified in the signed request will change as well. Let me know if you need any more help validating requests - I've been able to successfully validate them in PHP. ~Arne On Jan 22, 6:18 am, pacheco <[EMAIL PROTECTED]> wrote: > I need that info too. > > Google guys, can you comment on that please? > > On Jan 21, 2:23 pm, "[EMAIL PROTECTED]" <[EMAIL PROTECTED]> wrote: > > > Anyone care to reply to this, even to tell me I'm a dullard > > and the answer is completely obvious ?? > > > afaict there's no way to verify an Orkut makeRequest() call > > without knowing this public key. Surely there's at least one > > person on the planet who has succeeded in doing this ? > > > Thanks again. > > > On Jan 18, 8:46 am, "[EMAIL PROTECTED]" <[EMAIL PROTECTED]> wrote: > > > > I'm attempting to implement a server that accepts and verifies signed > > > requests from makeRequest(), via the Orkut sandbox proxy. > > > > The trail goes dead for me at xoauth_signature_publickey. > > > I'm assuming that somewhere Google publishes their public key. > > > Any pointers on where to find it welcome. > > > > Thanks. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Orkut Discussion" group. To post to this group, send email to opensocial-orkut@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/opensocial-orkut?hl=en -~----------~----~----~----~------~----~------~--~---
