[whatwg] Link Fingerprints (HTML version) take 2

Gervase Markham gerv at mozilla.org
Wed Jul 9 06:50:14 PDT 2008


[I posted this message in March; hixie asked me to go away and read the
previous discussion[0]. I have now done so. The two issues raised seemed
to be "it's like Content-MD5" and "people will just switch browsers".
Both are addressed in the updated spec.]

Some WHAT-WG participants may be aware of Link Fingerprints, which was a
way to embed the hash of a file in a link to that file, thereby ensuring
that the link user got only the exact file the link creator was
referring to.
http://www.foo.com/file.zip#!sha256:09F9...

Implementing this idea was a Summer of Code project for Mozilla in 2007,
but the draft RFC received a chilly reception on various IETF mailing
lists. I have therefore reformulated Link Fingerprints as a simple
extension to HTML. This makes it useful in a smaller set of contexts,
but still hits the major use cases.
<a href="http://www.foo.com/file.zip" checksum="sha256:09F9...">File</a>

The updated spec is here:
http://www.gerv.net/security/link-fingerprints/
Please read it for more detailed aims, rationale and behaviour. It is
now very similar to the microformat proposals here:
http://microformats.org/wiki/hash-examples

Would the WHAT-WG be interested in looking at standardising this?

Gerv

[0]
http://lists.whatwg.org/pipermail/whatwg-whatwg.org/2006-November/thread.html#7825



More information about the whatwg mailing list