W3C home > Mailing lists > Public > public-webappsec@w3.org > January 2015

[Bug 27748] New: Value of @integrity attribute not sufficiently prescriptive

From: <bugzilla@jessica.w3.org>
Date: Mon, 05 Jan 2015 03:32:54 +0000
To: public-webappsec@w3.org
Message-ID: <bug-27748-4874@http.www.w3.org/Bugs/Public/>
https://www.w3.org/Bugs/Public/show_bug.cgi?id=27748

            Bug ID: 27748
           Summary: Value of @integrity attribute not sufficiently
                    prescriptive
           Product: WebAppsSec
           Version: unspecified
          Hardware: All
                OS: All
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Subresource Integrity
          Assignee: mkwst@google.com
          Reporter: glenn@skynav.com
                CC: dev.akhawe@gmail.com, public-webappsec@w3.org

The definition for the integrity attribute (Section 3.1) says:

"This metadata is generally encoded as a “named information” (ni) URI, as
defined in RFC6920. [RFC6920]"

This is like saying it "... [may be] encoded as ...". Please change to
something like:

"This metadata is MUST be encoded as a “named information” (ni) URI, as defined
in RFC6920. [RFC6920]"

or

"This metadata is MUST be encoded as a URI, where, at a minimum, a user agent
MUST support integrity metadata encoded as a named information” (ni) URI, as
defined in RFC6920. [RFC6920]"

-- 
You are receiving this mail because:
You are on the CC list for the bug.
Received on Monday, 5 January 2015 03:32:55 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:09 UTC