W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > May to August 1996

useful document identification (was encouraging....)

From: Erik Aronesty <earonesty@montgomery.com>
Date: Wed, 7 Aug 1996 14:26:39 -0700
Message-Id: <c=US%a=_%p=Montgomery%l=EXCHANGE_SERVE-960807212639Z-247@sf-exch-2.montgomery.com>
To: "'http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com'" <http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com>
X-Mailing-List: <http-wg@cuckoo.hpl.hp.com> archive/latest/1231
>I suggest using "Content-ID" for a globally unique originator-supplied

this cannot be used in a secure and verifiable fashion....which is
probably why nobody who cares about the integrity of their data uses it.


yes what? an attempt at sarcasm?  the lack of any verifiable content
identification in HTTP is marked.
>> *2. the method of identification (secure MD5 hash, 
>>	registration authority, etc.)

how would you propose to validate the identity of a document without
knowing the method of identification?
i would reference the rfc on http-digests where the hash-method is...of
course...critical to the process of password-authentication.  this
information is also required for document authentication
>> 3. the scope of the content-identifier (eg: *.com)
>always global

>in the rfc "draft-ietf-http-digest-aa-04" this "useless" feature of
>scoping is addressed in reference to authentication digests.  the point
>was to define a scope for password caching.  this also applies to
document-level caching and for the same reasons detailed therein

in order to perform accurate object identification, a usable
>"Content-ID" header should be specified
Received on Wednesday, 7 August 1996 14:29:52 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 7 January 2015 14:40:17 UTC