Re: Couple comments on Subresource Integrity

Hi Trevor

> 1) Why does the content-type need to be specified in the link?  Why
> not just include it as input to the hash?

I believe this is because the existing RFC already uses the syntax.
See http://tools.ietf.org/html/rfc6920#section-3.1

> 2) The "ni://" prefix seems pointless, why not just name the attribute
> after the hash algo, i.e.

Again, I believe this is because of the existing RFC, which defined this format.


thanks
Dev

Received on Tuesday, 25 March 2014 02:12:35 UTC