> Unfortunately, that's insufficient. Depending on the > situation, one might wish to express that the named > host may provide any of several keys, all using the > same algorithm. For example, one might provide a > hostname which resolves to one of several distinct > machines. I see. Then perhaps something like this: ?fp1=md5:ssh-rsa:0a1b2c3d4e... &fp2=md5:ssh-rsa:c9d721b241... &fp3=md5:ssh-dss:1b951c9ff2... &fp4=md5:ssh-dss:f21b1c9f92... And again, some special character to allow for base64-encoded algorithm names.
Note Well: Messages sent to this mailing list are the opinions of the senders and do not imply endorsement by the IETF.