diff --git a/docs/PRIMARY_PROTOCOL.md b/docs/PRIMARY_PROTOCOL.md
index c0d31fbdfedb3d50176bc1e2cf30cb70ff07e92d..4ad2488b3845a7945df878689be6deb2c11c9994 100644
--- a/docs/PRIMARY_PROTOCOL.md
+++ b/docs/PRIMARY_PROTOCOL.md
@@ -285,8 +285,17 @@ authentication page should include a javascript shim, hosted at:
 
 ### 6.1 Public Key Format
 
-BrowserID public keys make use of Cryptographic Algorithms for JWS as [listed here](http://self-issued.info/docs/draft-ietf-jose-json-web-algorithms-00.html#SigningAlgs).
-The private/public key pair can be generated using OpenSSL.
+The public key is a JSON Web Algorihtms (JWA) public key as [listed here](http://self-issued.info/docs/draft-ietf-jose-json-web-algorithms-00.html#SigningAlgs).
+The EyeDeeMe service has a [.well-known/browserid document](https://eyedee.me/.well-known/browserid)
+that shows exactly what the [Mozilla Wiki](https://wiki.mozilla.org/Identity/BrowserID#Public_Key)
+means in the example. The EyeDeeMee key is an [RSA public key](http://www.di-mgt.com.au/rsa_alg.html#keygen) than can be generated using OpenSSL.
+
+Generate a public key JSON document in Ruby:
+
+    private_key = OpenSSL::PKey::RSA.new(1024)
+    public_key = private_key.public_key
+    {"algorithm"=> "RS", "n" => public_key.n.to_s, "e" => public_key.e.to_s }.to_json
+    
 
 ### 6.2 Certificate Format
 
diff --git a/lib/metrics.js b/lib/metrics.js
index a5961661a78e9548535b84c247b1429949ae7766..399dea903be529ff2d481c04dd602b1b18b087f1 100644
--- a/lib/metrics.js
+++ b/lib/metrics.js
@@ -21,7 +21,8 @@ const
 winston = require("winston"),
 configuration = require("./configuration"),
 path = require('path'),
-fs = require('fs');
+fs = require('fs'),
+urlparse = require('urlparse');
 
 // go through the configuration and determine log location
 // for now we only log to one place
@@ -78,9 +79,17 @@ exports.userEntry = function(req) {
   var ipAddress = req.connection.remoteAddress;
   if (req.headers['x-real-ip']) ipAddress = req.headers['x-real-ip'];
 
+  var referer = null;
+  try {
+    // don't log more than we need
+    referer = urlparse(req.headers['referer']).originOnly().toString();
+  } catch(e) {
+    // ignore malformed referrers.  just log null
+  }
+
   exports.report('signin', {
     browser: req.headers['user-agent'],
-    rp: req.headers['referer'],
+    rp: referer,
     // IP address (this probably needs to be replaced with the X-forwarded-for value
     ip: ipAddress
   });
diff --git a/scripts/assign_issues.js b/scripts/assign_issues.js
index 2c0522e171887ae140b0222f965445d6b77dbda4..6ac941032f7a34f075449db10cd0c2fc92d2c0ad 100755
--- a/scripts/assign_issues.js
+++ b/scripts/assign_issues.js
@@ -8,6 +8,7 @@ const https = require('https');
 
 // people to get issues, and the issues that were assigned to them
 var people = {
+  'ozten': [],
   'lloyd': [],
   'shane-tomlinson': [],
   'benadida': []