W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > May to August 1996

useful document identification (was encouraging....)

From: Erik Aronesty <earonesty@montgomery.com>
Date: Wed, 7 Aug 1996 14:26:39 -0700
Message-Id: <c=US%a=_%p=Montgomery%l=EXCHANGE_SERVE-960807212639Z-247@sf-exch-2.montgomery.com>
To: "'http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com'" <http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com>
>I suggest using "Content-ID" for a globally unique originator-supplied
>identifier.

this cannot be used in a secure and verifiable fashion....which is
probably why nobody who cares about the integrity of their data uses it.

>yes

yes what? an attempt at sarcasm?  the lack of any verifiable content
identification in HTTP is marked.
>
>> *2. the method of identification (secure MD5 hash, 
>>	registration authority, etc.)
>
>unnecessary

how would you propose to validate the identity of a document without
knowing the method of identification?
i would reference the rfc on http-digests where the hash-method is...of
course...critical to the process of password-authentication.  this
information is also required for document authentication
>
>> 3. the scope of the content-identifier (eg: *.com)
>
>always global

>in the rfc "draft-ietf-http-digest-aa-04" this "useless" feature of
>scoping is addressed in reference to authentication digests.  the point
>was to define a scope for password caching.  this also applies to
document-level caching and for the same reasons detailed therein

in order to perform accurate object identification, a usable
>"Content-ID" header should be specified
>
Received on Wednesday, 7 August 1996 14:29:52 EDT

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:32:06 EDT