2014-05-06 UTC
# 
kbs ah, nice - thanks kylewm and ben_thatmustbeme . I was starting to tinker with creating signed tokens - so in principle one could validate them directly with public keys from the associated site. eg: I submit a signed token with "iss"="https://kbsriram.com" and an endpoint can validate it from a suitable pubkey rel tag on kbsriram.com