http://codereview.appspot.com/11948/diff/1/2 File doc/html/compiledModuleFormat/index.html (right): http://codereview.appspot.com/11948/diff/1/2#newcode122 Line 122: <td><code class="prettyprint">sha1sum</code></td> On 2009/01/21 19:43:40, jasvir wrote:
On 2009/01/21 19:32:22, MikeSamuel wrote: > Do we want the name of a particular hashing algorithm in the
property name?
> SHA-1 will be replaced at some point by a new hash algo. When the algorithm changes, we probably want old signatures to break
too. We
can split the checksum into two keys, one that names the algorithm and
one that
gives it a value but I am not sure how that's better than this.
Fair enough. What's the point of having a hash anyway? Aren't we more likely to want to verify a signature? So the container JS has one or more DSA public keys baked in, and it can then verify content from one of a set of trusted gadget providers. http://codereview.appspot.com/11948
