Hi all then where and how can i put this key and how can i access this from my app
Thanks On Feb 19, 2:09 am, Alex E <[EMAIL PROTECTED]> wrote: > Nevermind, just found the answer to my question on the wiki: > > "Updated The location of the certificate on Orkut's server is > purposefully not machine computable. You should not write code to > automatically fetch new certificates from Orkut's server, as there is > no way to automaticaly determine whether you should trust the new > certificate. We will give advance notice when the certificate is > scheduled to change, in order to give you enough time to manually > download the certificate and install it in your key cache." > > On Feb 18, 1:05 pm, Alex E <[EMAIL PROTECTED]> wrote: > > > > > Why doesn't the parameter contain the full URL of the key file? > > Surely it won't be served off of the sandbox forever, right? > > > Alex > > > On Jan 24, 11:27 am, "Arne Roomann-Kurrik (Google)" > > > <[EMAIL PROTECTED]> wrote: > > > Hi David and Pacheco, > > > > Currently the signed request specifies the file: pub. > > > 1199819524.-1556113204990931254.cer > > > > This is located > > > athttp://sandbox.orkut.com/46/o/pub.1199819524.-1556113204990931254.cer > > > - sorry that this isn't documented anywhere; I'll be working on > > > getting instructions pushed out. > > > > Keep in mind that you should not fetch this key on each request - pull > > > it once and index it in a cache somewhere. If the key ever changes, > > > the file specified in the signed request will change as well. > > > > Let me know if you need any more help validating requests - I've been > > > able to successfully validate them in PHP. > > > > ~Arne > > > > On Jan 22, 6:18 am, pacheco <[EMAIL PROTECTED]> wrote: > > > > > I need that info too. > > > > > Google guys, can you comment on that please? > > > > > On Jan 21, 2:23 pm, "[EMAIL PROTECTED]" <[EMAIL PROTECTED]> wrote: > > > > > > Anyone care to reply to this, even to tell me I'm a dullard > > > > > and the answer is completely obvious ?? > > > > > > afaict there's no way to verify an Orkut makeRequest() call > > > > > without knowing this public key. Surely there's at least one > > > > > person on the planet who has succeeded in doing this ? > > > > > > Thanks again. > > > > > > On Jan 18, 8:46 am, "[EMAIL PROTECTED]" <[EMAIL PROTECTED]> wrote: > > > > > > > I'm attempting to implement a server that accepts and verifies > > > > > > signed > > > > > > requests from makeRequest(), via the Orkut sandbox proxy. > > > > > > > The trail goes dead for me atxoauth_signature_publickey. > > > > > > I'm assuming that somewhere Google publishes their public key. > > > > > > Any pointers on where to find it welcome. > > > > > > > Thanks.- Hide quoted text - > > - Show quoted text - --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Orkut Developer Forum" group. To post to this group, send email to opensocial-orkut@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/opensocial-orkut?hl=en -~----------~----~----~----~------~----~------~--~---