> Anyway, I'd favor > fp-md5=ssh-dss-c1b13029d7b8de6c977710d746416387 The problem with that (or the more verbose form) arises as soon as you try to express "here's the host's ssh-dss fingerprint and here's its ssh-rsa fingerprint". This turns into something like fp-md5=ssh-dss-60b725f10c9c85c70d97880dfe8191b3&fp-md5=ssh-rsa-3b5d5c3712955042212316173ccf37be, which, syntactically, is providing conflicting values to a single parameter. That's whence the attempt to move the to the left side of the equal sign in some way. It's ugly, but you could base64-encode both: fp-bWQ1-c3NoLXJzYQ=.... Or you could ignore the issue, assuming that the future will never define hash and cipher names which make the encoding ambiguous. :) /~\ The ASCII Mouse \ / Ribbon Campaign X Against HTML mouse at rodents-montreal.org / \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B
Note Well: Messages sent to this mailing list are the opinions of the senders and do not imply endorsement by the IETF.