Of course, I could do that myself pretty easily when I have the base64 hash.

Thanks!

/J

You could also trivially use tr/// to get a base-64-type encoding that uses only things matching [-\w] which requires no escaping in a URL (to preserve minimal length).

        - tye (but my friends call me "Tye")

I had this issue with MD5 hashes recently, but with even more constraints!

First, on top of using the MD5 hash in a URL, and sending that URL in an email, I also needed to use the MD5 hash in an actual email address. (Thus allowing the recipient to either go to the URL or reply to the email address.) Second, I couldn't translate to a period within the MD5 hash, because that character was already being used for something else.

I ended up using this translation (the translation from plus to plus is intentional): tr,+=/,+-_, That works fine for the email address. The only iffy part is the plus in the URL; I just made sure that the CGI script doesn't convert the plus to a space.

OK, I'm (relatively) lazy. Looking at the source code for one Perl MD5 implementation, I see that the base64 output consists of A-Za-z0-9+/. Where does "=" come in? Why do you need to use 65 different characters?

        - tye (but my friends call me "Tye")