Re: [Integrity] typos with ni URIs

Mike West <mkwst@google.com> wrote:
> Why is it beneficial for the user agent to reject an encoding that it could
> trivially understand? It doesn't feel like we're jumping through hoops to
> accept "any old" encoding if we accept either "+" or "/" in an encoded hash.

I think we're violently agreeing. My point is that when you allow this
flexibility, then you are no longer specifying the use of standard
RFC6920 URLs, but rather something similar-but-different. If we're
willing to break conformance with RFC6920 then we might as well
optimize it further for our convenience, by removing the "ni:///"
prefix and by replacing the ";" with something that works better for
CSP, such as ":", e.g.:

    <digest-name> ":" <digest-value> [ "?ct=" <content-type> ]

Note that this is a valid URL, where the scheme is the digest name and
the path is the digest-value.

Cheers,
Brian

Received on Monday, 19 January 2015 21:41:16 UTC