Re: [Content-MD5 and Message Digest Authentication.], MD5 broken.

> Content-MD5: 2A1238912371239587; alg=SHA
> This construction is likely to break for obvious reasons.

Phill, this has already been discussed to death.  There is no advantage
to using a generic parameter name for an Entity-Header -- they can be added
or removed at any time.  The only thing you accomplish in such a situation
is for programs to have to parse the contents of the header field in
order to know whether or not it is applicable to them, which is a
bad design.

The obvious way to handle a new digest algorithm like SHA is

   Content-SHA: 2A1238912371239587

which is exactly how the HTTP protocol is designed.  Leave it be.

 ...Roy T. Fielding
    Department of Information & Computer Science    (
    University of California, Irvine, CA 92717-3425    fax:+1(714)824-4056

Received on Friday, 26 April 1996 16:30:20 UTC