Re: [SRI] We need to stop the proliferation of malicious software from Daniel Veditz on 2020-11-30 (public-webappsec@w3.org from November 2020)

From: Daniel Veditz <dveditz@mozilla.com>
Date: Sun, 29 Nov 2020 21:54:42 -0800
To: Dominic Farolino <domfarolino@gmail.com>
Cc: Greg Neumiller <rlneumiller@gmail.com>, WebAppSec WG <public-webappsec@w3.org>
Message-ID: <CADYDTCBqdaNJQqCexrHh+fHa+cEWuMW=QHj2ePOkGYnbi2z2PQ@mail.gmail.com>

> Can you be more specific? It seems that subresource integrity is
implemented
> in most browsers: https://caniuse.com/?search=integrity

Greg's mail is ambiguous, but it sounds like an upvote in favor of
https://github.com/w3c/webappsec-subresource-integrity/issues/68 (applying
SRI to downloads). The current broad browser support only applies to some
resources like scripts.

-Dan Veditz

Received on Monday, 30 November 2020 05:55:13 UTC