W3C home > Mailing lists > Public > public-webappsec@w3.org > January 2015

Re: [Integrity] typos with ni URIs

From: Devdatta Akhawe <dev.akhawe@gmail.com>
Date: Wed, 14 Jan 2015 18:17:51 -0800
Message-ID: <CAPfop_0LtdkJywbijD3YSOwoGucUD_nKCZWyPuKiTE81C=jZdw@mail.gmail.com>
To: Brian Smith <brian@briansmith.org>
Cc: "public-webappsec@w3.org" <public-webappsec@w3.org>, "Manger, James" <James.H.Manger@team.telstra.com>
+1 to Brian!

On 14 January 2015 at 17:37, Brian Smith <brian@briansmith.org> wrote:
> James Manger wrote:
>> The ni:///sha-512 URI in 3.2.1 "Agility" needs to omit the "=" padding at
>> the end of the base64url encoded value. See RFC6920 section 3 definition of
>> "Digest Value":
>>
>>   "The digest value MUST be encoded using the base64url
>>
>>    [RFC4648] encoding, with no "=" padding characters."
>
> The specification shouldn't forbid the "=" padding characters. The
> fact that the draft specification has included the padding multiple
> times is good evidence that authors are going to include the padding
> too. It is trivial for an implementation to strip the padding. The
> specification should be changed to allow the padding and to require
> implementations to strip it. This would make the spec more "webby" and
> author-friendly.
>
> Cheers,
> Brian
>
Received on Thursday, 15 January 2015 02:18:38 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:09 UTC