Digest Auth already has the algorithm as a parameter. The name "Content-MD5" can't be changed for historical reasons. >---------- >From: Roy T. Fielding[SMTP:fielding@avron.ICS.UCI.EDU] >Sent: Friday, April 26, 1996 4:08 PM >To: hallam@w3.org >Cc: http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com >Subject: Re: [Content-MD5 and Message Digest Authentication.], MD5 >broken. > >> Content-MD5: 2A1238912371239587; alg=SHA >> >> This construction is likely to break for obvious reasons. > >Phill, this has already been discussed to death. There is no advantage >to using a generic parameter name for an Entity-Header -- they can be >added >or removed at any time. The only thing you accomplish in such a >situation >is for programs to have to parse the contents of the header field in >order to know whether or not it is applicable to them, which is a >bad design. > >The obvious way to handle a new digest algorithm like SHA is > > Content-SHA: 2A1238912371239587 > >which is exactly how the HTTP protocol is designed. Leave it be. > > > ...Roy T. Fielding > Department of Information & Computer Science >(fielding@ics.uci.edu) > University of California, Irvine, CA 92717-3425 >fax:+1(714)824-4056 > http://www.ics.uci.edu/~fielding/ > >Received on Friday, 26 April 1996 16:34:45 EDT
This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:31:51 EDT