- From: Gervase Markham <gerv@mozilla.org>
- Date: Fri, 21 Mar 2008 09:19:57 +0000
Some WHAT-WG participants may be aware of Link Fingerprints, which was a way to embed the hash of a file in a link to that file, thereby ensuring that the link user got only the exact file the link creator was referring to. http://www.foo.com/file.zip#!sha256:09F9... Implementing this idea was a Summer of Code project for Mozilla in 2007, but the draft RFC received a chilly reception on various IETF mailing lists. I have therefore reformulated Link Fingerprints as a simple extension to HTML. This makes it useful in a smaller set of contexts, but still hits the major use cases. <a href="http://www.foo.com/file.zip" checksum="sha256:09F9...">File</a> The updated spec is here: http://www.gerv.net/security/link-fingerprints/ Please read it for more detailed aims, rationale and behaviour. Would the WHAT-WG be interested in looking at standardising this? (Before anyone asks, the key difference between Link Fingerprints and Content-MD5 is that the hash is served from a different server to the file.) Gerv
Received on Friday, 21 March 2008 02:19:57 UTC