- From: Tab Atkins Jr. <jackalmage@gmail.com>
- Date: Fri, 19 Oct 2012 12:22:09 -0700
- To: "A. Rauschenbach" <rauschenbach@annuo.de>
- Cc: Whatwg <whatwg@whatwg.org>, Ian Hickson <ian@hixie.ch>
On Fri, Oct 19, 2012 at 11:46 AM, A. Rauschenbach <rauschenbach@annuo.de> wrote: > Am 2012-10-19 18:49, schrieb Ian Hickson: >> What is the attack scenario you are trying to avoid? >> >> Without a discussion of what problem you're trying to solve, it's unclear >> how to evaluate the proposal. >> >> The idea of a hash="" or checksum="" attribute on <a href> has come up >> before -- about once a year, as far as I can tell! -- but it's always been >> found lacking in one way or another. >> > I don't want to avoid any attack scenario! > > I want trusted information. > > If I write an article and link to other documents I want a solution that the > visitor can be sure that the document he opens is the document I originally > linked to. (And if its not he gets informed. So he knows that the > information maybe differ from the one the article talks about.) That's also an attach scenario. ^_^ I doubt it would be very useful to use this for confirming that arbitrary destination pages are the same. Those can change in minor, unimportant ways all the time; a lot of pages include some form of dynamic content that means they'll almost *never* be exactly the same from pageload to pageload. It seems highly likely that trying to use a checksum for this scenario would simply result in the browser over-warning people, thus making the warning useless. Using it specifically to defend against attack scenarios in *downloads*, on the other hand, is more likely to be useful. Downloads don't change nearly as much as pages do, so a change is more likely to be a result of something you don't want, rather than simply something incidental. However, check out the threads that Hixie referenced. The upsides and downsides of something like this have been discussed quite a bit already. ~TJ
Received on Friday, 19 October 2012 19:22:58 UTC