| Table of Contents |
|---|
...
Every signed message contains Signature-Key-Timestamp HTTP header which value should replace the timestamp parameter in the URL to the public key. The key timestamp has to be verified: It may not be older than 13 weeks plus one hour buffer. Exemplary server which validates those signatures is available here.