- From: Francois Marier <francois@mozilla.com>
- Date: Mon, 05 Jan 2015 14:50:30 +1300
- To: "public-webappsec@w3.org" <public-webappsec@w3.org>
We use RFC6920 URIs in the SRI spec to encode the hash algorithm and value. That RFC created [1] a new registry [2] for the approved hash algorithms. Since we intend to support sha-512 (and potentially sha-384 to match the CSP spec [3]), should we get these algorithms added to the registry now? Or is the right process to do that after we publish the SRI spec? Francois [1] http://tools.ietf.org/html/rfc6920#section-9.4 [2] https://www.iana.org/assignments/named-information/named-information.xhtml#hash-alg [3] http://www.w3.org/TR/CSP2/#source-list-valid-hashes
Received on Monday, 5 January 2015 01:51:03 UTC