- From: Laurent Demailly <dl@hplyot.obspm.fr>
- Date: Mon, 6 Nov 1995 17:21:38 +0100
- To: Dave Kristol <dmk@allegra.att.com>
- Cc: fielding@avron.ICS.UCI.EDU, http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
Dave Kristol writes:
> I have headers
> Content-MD5: xyz
> Content-SHA: qrs
> The recipient computes the digests of the message and finds that the MD5
> digest matches xyz, but the SHA digest does not match qrs. Now what?
> I imagine we assume the integrity to be compromised.
> With a single Content-Digest header, there's no ambiguity.
Ahem, the mecanism I suggested does not state you have only one
algorithm key pair, you can have one or more (maybe that's not a good
thing, and can be changed,... but..)
In your example it would be "Content-Digest: MD5=xyz SHA=qrs" {or
maybe with added ";"} and as you suggested if they disagree you can
probably deduce there is a problem. So in this respects there are no
differences.
dl
--
Laurent Demailly * http://hplyot.obspm.fr/~dl/ * Linux|PGP|Gnu|Tcl|... Freedom
Received on Monday, 6 November 1995 08:26:25 UTC