W3C home > Mailing lists > Public > public-webappsec@w3.org > December 2015


From: Sean B. Palmer <sean@miscoranda.com>
Date: Wed, 9 Dec 2015 08:56:13 +0000
Message-ID: <CAH3-oEcLH0ZOGKcb0g8ZCpXWemtG1XmLYNpudFY+wMMyBMdEpA@mail.gmail.com>
To: public-webappsec@w3.org
Yesterday I published an Internet-Draft for discussion which proposes
a method for associating web resources with cryptographic digital


Michael Smith directed me to this group as working on a relevant
technology, Subresource Integrity. I would like to suggest two things:

* That the "integrity" attribute should come with a counterpart link
relation for use in the "Link" HTTP header and "rel" HTML attribute.
* That the "signature" link relation and some signature counterpart to
"integrity" may have a place in your Subresource Integrity work.

I understand that the work is advanced, being at the CR phase within
the W3C. But I would not like to produce a solution to the problem of
signature verification in complete independence from your work, and I
therefore solicit your feedback.

Sean B. Palmer
Received on Wednesday, 9 December 2015 08:56:45 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:54:53 UTC