- From: Mark Nottingham <mnot@mnot.net>
- Date: Thu, 8 Jan 2015 10:19:25 -0500
- To: Mike West <mkwst@google.com>
- Cc: Francois Marier <francois@mozilla.com>, "public-webappsec@w3.org" <public-webappsec@w3.org>
The registry is Expert Review, so I’d just go ahead an make the request; there’s nothing in it that’s tied to SRI specifically. If you need help, just yell. Cheers, > On 8 Jan 2015, at 4:33 am, Mike West <mkwst@google.com> wrote: > > I have no idea. :) Adding mnot as our resident IETF wonk. > > -mike > > -- > Mike West <mkwst@google.com>, @mikewest > > Google Germany GmbH, Dienerstrasse 12, 80331 München, Germany, Registergericht und -nummer: Hamburg, HRB 86891, Sitz der Gesellschaft: Hamburg, Geschäftsführer: Graham Law, Christine Elizabeth Flores > (Sorry; I'm legally required to add this exciting detail to emails. Bleh.) > > On Mon, Jan 5, 2015 at 2:50 AM, Francois Marier <francois@mozilla.com> wrote: > We use RFC6920 URIs in the SRI spec to encode the hash algorithm and > value. That RFC created [1] a new registry [2] for the approved hash > algorithms. > > Since we intend to support sha-512 (and potentially sha-384 to match the > CSP spec [3]), should we get these algorithms added to the registry now? > Or is the right process to do that after we publish the SRI spec? > > Francois > > [1] http://tools.ietf.org/html/rfc6920#section-9.4 > [2] > https://www.iana.org/assignments/named-information/named-information.xhtml#hash-alg > [3] http://www.w3.org/TR/CSP2/#source-list-valid-hashes > > -- Mark Nottingham http://www.mnot.net/
Received on Thursday, 8 January 2015 15:19:49 UTC