Idea: add mi-sha256 to the payload - Githubissues

martinthomson / http-mice

A progressive integrity content encoding for HTTP

3 stars 2 forks source link

Idea: add mi-sha256 to the payload #12

Closed ioggstream closed 6 years ago

ioggstream commented 6 years ago

The encoded payload:

contains all the information to reconstruct the original payload skipping the validation:
- rs record size
- the many chunks
does not contain all the information to verify the validation

IF:

content validation should be between the goals of MICE,

we could:

add the mi-sha256 at the beginning of the payload

the MI header would then be

8-bytes rs + 32-bytes

NB: I'm not proposing of removing the MI header, just asking if it has sense to add the mi-sha256 to the encoded payload.

jyasskin commented 6 years ago

FAQ 1 discusses this briefly. Basically, something outside the payload needs to vouch for the top-level hash or else there's no reason to trust it any more than the other bytes of the payload. Once the client has that vouch, there's no reason to transmit the top-level hash a second time within the payload.