Merge branch '2.4RC'2.4

2 files changed, 3 insertions, 5 deletions

diff --git a/Zotlabs/Zot/Finger.php b/Zotlabs/Zot/Finger.php
index 7e0f5fb7c..9871b5bbd 100644
--- a/Zotlabs/Zot/Finger.php
+++ b/Zotlabs/Zot/Finger.php
@@ -123,9 +123,7 @@ class Finger {
 			}
 			else {
 				logger('No signed token from '  . $url . $rhs, LOGGER_NORMAL, LOG_WARNING);
-				// after 2017-01-01 this will be a hard error unless you over-ride it.
-				if((time() > 1483228800) && (! get_config('system', 'allow_unsigned_zotfinger')))
-					return $ret;
+				return $ret;
 			}
 		}
 
diff --git a/Zotlabs/Zot/Receiver.php b/Zotlabs/Zot/Receiver.php
index 71d57eb35..0050a2559 100644
--- a/Zotlabs/Zot/Receiver.php
+++ b/Zotlabs/Zot/Receiver.php
@@ -138,7 +138,6 @@ class Receiver {
  * This packet is optionally encrypted, which we will discover if the json has an 'iv' element.
  * $contents => array( 'alg' => 'aes256cbc', 'iv' => initialisation vector, 'key' => decryption key, 'data' => encrypted data);
  * $contents->iv and $contents->key are random strings encrypted with this site's RSA public key and then base64url encoded.
- * Currently only 'aes256cbc' is used, but this is extensible should that algorithm prove inadequate.
  *
  * Once decrypted, one will find the normal json_encoded zot message packet.
  * 
@@ -156,7 +155,8 @@ class Receiver {
  *   },
  *   "recipients": { optional recipient array },
  *   "callback":"\/post",
- *   "version":1,
+ *   "version":"1.2",
+ *   "encryption":["aes256cbc"],
  *   "secret":"1eaa...",
  *   "secret_sig": "df89025470fac8..."
  * }