[doseta-discuss] suggestions/concerns on spec
Dave CROCKER
dhc at dcrocker.net
Fri Jun 3 06:51:40 PDT 2011
On 6/2/2011 7:57 PM, Mark Nottingham wrote:
> My HTTP use case: I want a site-wide flag that says "everything on this site
> should be signed;
Oh boy. ADSP (rfc5617) for the web...
> if you receive something from this site that is not signed,
> it may be an indication of a MITM changing content." That's fine for "static"
> content, but for large, dynamically generated responses, buffering the entire
> thing to sign it may be undesirable, so an ability to sign something without
> the body would be useful here.
I think that having l=0 accomplishes that for you.
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
More information about the doseta-discuss
mailing list