Re: [w3c/webpayments] Fingerprint and version metadata (in Web App Manifest spec) (#225)

@domenic Those are valid concerns.

> In general I am more comfortable letting vendor-specific use cases be covered by vendor-specific properties, instead of trying to broaden the scope and make these generally applicable.

I would prefer to have standard properties, but let vendors choose what they support. For instance, we could say that the vendor can choose which hashing algorithms are required or supported, and Android only supports sha256.

We could call it "fingerprint" instead of "integrity" if you want to distance it from the implications of SRI, and merely refer to their spec so we don't duplicate the definition.

The implementation can be handled by Android but the spec can still point to the SRI definition.

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:

Received on Tuesday, 4 April 2017 02:58:04 UTC