New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add advisement on computing the cryptographic hash of a context #485
Conversation
…nt of the JSON-LD Context
Personally, I think it might be better to remove the language regarding computing hashes of contexts, but if it remains, it must be defined in sufficient detail to be useful. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Overall LGTM... minor corrections to tag nesting (p
and pre
are block level HTML elements and can't be put inside each other)... removed fragment as there is no normative spec that states how to integrity check URLs -- could use Hashlink here? Or IPFS? None of it could be normative, though.
index.html
Outdated
If included, the cryptographic hash of the content of the JSON-LD Context, MUST be computed in a manner equivalent to: | ||
<pre class="example"> | ||
curl -s https://www.w3.org/ns/did/v1#910cd6648f6f7b72a7896a8da83e63460eb8355a0af4b56b699c9281452ac8bb | openssl sha256 | ||
</pre> | ||
The integrity check is considered valid if and only if the hex digest of the resource matches the fragment. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This particular line isn't needed is it? We're not telling people how to write their software... just how to register their contexts?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this line is necessary to explain how they can register their contexts.
an alternative would be to tell them to register the URL and integrity digest separately.... which seems like a missed opportunity for making things easy, for both humans and computers.
Yeah, the more I think about it, the more I think it would be better to remove the context hashes until we can point to a spec that can refer to them in a way that is normative (with normative processing rules). Hashlink could do that, but it's years away from being a standard. |
Co-authored-by: Manu Sporny <msporny@digitalbazaar.com>
Co-authored-by: Ted Thibodeau Jr <tthibodeau@openlinksw.com>
Co-authored-by: David I. Lehn <dlehn@digitalbazaar.com>
Normative, multiple reviews, changes requested and made, no objections, merging. |
Addresses #464
Preview | Diff