- From: Gervase Markham <gerv@mozilla.org>
- Date: Wed, 09 Jul 2008 14:50:14 +0100
[I posted this message in March; hixie asked me to go away and read the previous discussion[0]. I have now done so. The two issues raised seemed to be "it's like Content-MD5" and "people will just switch browsers". Both are addressed in the updated spec.] Some WHAT-WG participants may be aware of Link Fingerprints, which was a way to embed the hash of a file in a link to that file, thereby ensuring that the link user got only the exact file the link creator was referring to. http://www.foo.com/file.zip#!sha256:09F9... Implementing this idea was a Summer of Code project for Mozilla in 2007, but the draft RFC received a chilly reception on various IETF mailing lists. I have therefore reformulated Link Fingerprints as a simple extension to HTML. This makes it useful in a smaller set of contexts, but still hits the major use cases. <a href="http://www.foo.com/file.zip" checksum="sha256:09F9...">File</a> The updated spec is here: http://www.gerv.net/security/link-fingerprints/ Please read it for more detailed aims, rationale and behaviour. It is now very similar to the microformat proposals here: http://microformats.org/wiki/hash-examples Would the WHAT-WG be interested in looking at standardising this? Gerv [0] http://lists.whatwg.org/pipermail/whatwg-whatwg.org/2006-November/thread.html#7825
Received on Wednesday, 9 July 2008 06:50:14 UTC