- From: A. Rauschenbach <rauschenbach@annuo.de>
- Date: Fri, 19 Oct 2012 20:46:24 +0200
- To: Ian Hickson <ian@hixie.ch>
- Cc: Whatwg <whatwg@whatwg.org>
Am 2012-10-19 18:49, schrieb Ian Hickson: > What is the attack scenario you are trying to avoid? > > Without a discussion of what problem you're trying to solve, it's > unclear > how to evaluate the proposal. > > The idea of a hash="" or checksum="" attribute on <a href> has come > up > before -- about once a year, as far as I can tell! -- but it's always > been > found lacking in one way or another. > I don't want to avoid any attack scenario! I want trusted information. If I write an article and link to other documents I want a solution that the visitor can be sure that the document he opens is the document I originally linked to. (And if its not he gets informed. So he knows that the information maybe differ from the one the article talks about.) The second point is that verification if a file was downloaded correctly is a computer task not a human task. A standard how to give the verification information enables the browser/plugin vendors to do this task.
Received on Friday, 19 October 2012 18:46:56 UTC