kerolasa
commented
4 months ago It would be nice to get 4.2.3. Security Considerations improvement to signature generation. Something like this:
Notes:
The digital signature will be generated on the query string. The values of
each query string value key/value pair MUST be properly URL Encoded before
the signature is generated. The sig and key parameters MUST be excluded
from the query string before generating signature.p.s. That was incorrectly implemented in Cloudflare. When I get the next release in use it will have a counter how often ServiceProviders are sending signatures that include sig or key. It will be interesting to see how many broken implementations there are due to missing a note.
Completed the changes discussed in #92.
Fixed other issues like: asciidoctor: ERROR: Domain Connect Spec Draft.adoc: line 733: dropping cells from incomplete row detected end of table asciidoctor: ERROR: Domain Connect Spec Draft.adoc: line 1090: dropping cells from incomplete row detected end of table