On 11/21/2013 02:01 PM, Tanstaafl wrote: > On 2013-11-21 7:40 AM, Tanstaafl <tansta...@libertytrek.org> wrote: >> Anyway, they would need the ability to have a generated hash of the >> uploaded file included in the email body along with the download link to >> the file, so that they could prove, if necessary, which file was linked >> in the email. > > Hmmm... maybe the link itself is or contains the hash?
No, the link itself is not a hash, because that could easily make files discoverable. That would be best implemented by the Thunderbird addon itself. Is computing a SHA1 and including it in the body good enough? Because if you want cryptographical identity, you need to generate something like a PGP file signature, not just a hash. And this is definitely much more complicated.