- From: Sean B. Palmer <sean@miscoranda.com>
- Date: Wed, 9 Dec 2015 08:50:12 +0000
- To: "Michael[tm] Smith" <mike@w3.org>
- Cc: public-html@w3.org
I did not know about this CR, and the fact that it uses an "integrity" attribute for a hash is relevant, even though it is missing any provision for signatures. I am surprised that the CR does not specify a integrity link relationship; it probably ought to. If the CR goes to REC it would provide precedent for a "signature" attribute as Martin Janecke suggests. It may even be a good host for such an attribute. I will write to the WebAppSpec group. On Wed, Dec 9, 2015 at 4:37 AM, Michael[tm] Smith <mike@w3.org> wrote: > "Sean B. Palmer" <sean@miscoranda.com>, 2015-12-08 15:48 +0000: >> Archived-At: <http://www.w3.org/mid/CAH3-oEcc2L-vL=WVNXdU-GYyQAk1nwHX5SjJt0T+PKD3wEy9wA@mail.gmail.com> >> >> https://www.ietf.org/id/draft-palmer-signature-link-relation-00.txt >> >> Specifies a new HTML attribute, "rels" (Section 3). > > Seems like the underlying use case is something Subresource Integrity is > already intended to potentially be used to address. > > https://w3c.github.io/webappsec-subresource-integrity/ > https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity > > -- > Michael[tm] Smith https://people.w3.org/mike -- Sean B. Palmer, http://inamidst.com/sbp/
Received on Wednesday, 9 December 2015 08:50:44 UTC