[SRI] Include sha-384 in the spec?

Should we include sha-384 as a mandatory algorithm to support?

The Chromium [1] and Firefox [2] implementations both support it and
it's part of CSP Level 2 [3].

Francois

[1]
https://code.google.com/p/chromium/codesearch#chromium/src/third_party/WebKit/Source/core/frame/SubresourceIntegrity.cpp&sq=package:chromium&type=cs&l=66

[2]
https://bitbucket.org/fmarier/mozilla-central-mq-992096/src/4a686871b1cda481e8eb6044ee2015438c1ae12b/bug992096.patch?at=default#cl-1115

[3] http://www.w3.org/TR/CSP2/#source-list-valid-hashes

Received on Wednesday, 7 January 2015 03:17:23 UTC