- From: Sean B. Palmer <sean@miscoranda.com>
- Date: Wed, 9 Dec 2015 08:56:13 +0000
- To: public-webappsec@w3.org
Yesterday I published an Internet-Draft for discussion which proposes a method for associating web resources with cryptographic digital signatures: https://www.ietf.org/id/draft-palmer-signature-link-relation-00.txt Michael Smith directed me to this group as working on a relevant technology, Subresource Integrity. I would like to suggest two things: * That the "integrity" attribute should come with a counterpart link relation for use in the "Link" HTTP header and "rel" HTML attribute. * That the "signature" link relation and some signature counterpart to "integrity" may have a place in your Subresource Integrity work. I understand that the work is advanced, being at the CR phase within the W3C. But I would not like to produce a solution to the problem of signature verification in complete independence from your work, and I therefore solicit your feedback. -- Sean B. Palmer
Received on Wednesday, 9 December 2015 08:56:45 UTC