On Fri, Mar 3, 2017 at 11:01 PM, Alex Jordan wrote:
> On Fri, Mar 03, 2017 at 09:21:20AM +0100, Anne van Kesteren wrote:
>> I think https://github.com/w3c/webappsec-subresource-integrity/issues/22
>> is the canonical issue, but no concrete ideas thus far.
>
> Great, thanks! I've got some thoughts
I'd like to apologize to Alex Jordan for mistaking him for James Roper,
and vice versa mistaking James Roper for Alex Jordan.
In the previous email when I said "your" as in "your suggestion" I meant
to refer that to Alex, while the hash stuff was meant for James.
I got confused by a email fro
On 2017-03-03 01:02, James Roper wrote:
How about you miss-understanding the fact that a hash can only
ever guarantee that two resources are different. A hash can not
guarantee that two resources are the same. A hash do infer a high
probability they are the same but can never gua
On Thu, Mar 2, 2017 at 6:07 PM, Domenic Denicola wrote:
> I don't know what the latest is on attempting to get around this, although
> that document suggests some ideas.
I think https://github.com/w3c/webappsec-subresource-integrity/issues/22
is the canonical issue, but no concrete ideas thus fa