I remember that Gerv was interested in a similar idea many years ago, you
might want to see if he went anywhere with it.

https://blog.gerv.net/2005/03/link_fingerprin_1/


On Fri, Mar 24, 2017 at 10:12 AM, Gregory Szorc <g...@mozilla.com> wrote:

> I recently reinstalled Windows 10 on one of my machines. This involved
> visiting various web sites and downloading lots of software.
>
> It is pretty common for software publishers to publish hashes or
> cryptographic signatures of software so the downloaded software can be
> verified. (Often times the download is performed through a CDN, mirroring
> network, etc and you may not have full trust in the server operator.)
>
> Unless you know how to practice safe security, you probably don't bother
> verifying downloaded files match the signatures authors have provided.
> Furthermore, many sites redundantly write documentation for how to verify
> the integrity of downloads. This feels sub-optimal.
>
> This got me thinking: why doesn't the user agent get involved to help
> provide better download security? What my (not a web standard spec author)
> brain came up with is standardized metadata in the HTML for the download
> link (probably an <a>) that defines file integrity information. When the
> user agent downloads that file, it automatically verifies file integrity
> and fails the download or pops up a big warning box, etc if things don't
> check out. In other words, this mechanism would extend the trust anchor in
> the source web site (likely via a trusted x509 cert) to file downloads.
> This would provide additional security over (optional) x509 cert validation
> of the download server alone. Having the integrity metadata baked into the
> origin site is important: you can't trust the HTTP response from the
> download server because it may be from an untrusted server.
>
> Having such a feature would also improve the web experience. How many times
> have you downloaded a corrupted file? Advanced user agents (like browsers)
> could keep telemetry of how often downloads fail integrity. This could be
> used to identify buggy proxies, malicious ISPs rewriting content, etc.
>
> I was curious if this enhancement to the web platform has ever been
> considered and/or if it is something Mozilla would consider pushing.
>
> gps
> _______________________________________________
> dev-platform mailing list
> dev-platform@lists.mozilla.org
> https://lists.mozilla.org/listinfo/dev-platform
>