Re: [integrity] What should we hash? from Devdatta Akhawe on 2014-04-09 (public-webappsec@w3.org from April 2014)

From: Devdatta Akhawe <dev.akhawe@gmail.com>
Date: Wed, 9 Apr 2014 12:39:15 -0500
To: Boris Zbarsky <bzbarsky@mit.edu>
Cc: Mark Nottingham <mnot@mnot.net>, "public-webappsec@w3.org" <public-webappsec@w3.org>
Message-ID: <CAPfop_3VDZf3Pa_y0_9EC4V8fUbwnRb_hgCYq4bVQfDo2=RkmQ@mail.gmail.com>

>
>
> Sites do that sort of thing all the time.  _All_ the time...
>
> hahahaha.. ok. I bow to your far more extensive experience with all this :)

I am going to wait a few days in case anyone else wants to chime in, else I
will modify the spec to say what you are pushing for. See previous email if
you want to see the text again
http://lists.w3.org/Archives/Public/public-webappsec/2014Mar/0047.html

thanks
dev

Received on Wednesday, 9 April 2014 17:40:04 UTC