libravatar-fans team mailing list archive

[Jonathan Harker <jon@xxxxxxxxxxx>]

On Fri 03 Aug 2012 11:38:28 AM NZST, Francois Marier wrote:
>> I agree in principle, bearing in mind we will have to think about folks
>> potentially faking IDs by blindly redirecting.
>
> I'm not sure I follow you here... What "IDs" are you referring to?

I meant "identity" in a generic sense, e.g.

http://libravatar.org/avatar/<my-hash>?d=http:/avatar/<your-hash>

1. A valid redirect URL
2. Someone else's valid avatar from the same server instead of a nobody
    image

>>> Thinking about that I've come to the conclusion that two docs would
>>> be nice: First the specification, which explains in clear, hard, dry
>>> words how clients and servers need to behave.
>>
>> With all that RFC MUST SHOULD MAY etc. I agree. In fact, perhaps we
>> should write it up as an RFC :-) I'm happy to give it a crack. We should
>> use Sphinx. Sphinx is ace.
>
> If you want to lead this, that would be really cool. You're a documentation
> star :)
>
> Should we use an etherpad for it?

What an excellent idea. Some thoughtful soul has even set it up here at
Catalyst...