Ned Freed is pretty clever -- he'll probably come up with a multipart/security
one-liner that would accomplish such a secure dynamic reference. If it can't
be
done within the existing structure, I suspect he'll tell us how the construct
could be extended.
Thanks for the compliment!
Anyway, as it happens I was able to catch John Myers before the new content-md5
document was finalized and get some additional prose specific to the use of
this field on message/external-body objects. It was there without the
prose, but it definitely helps to talk about it explicitly in the document.
My cleverness does have limits ;-) I don't know how to go about solving the
problem of associating a checksum with a URL inside of an HTML object. I guess
a new type of URL is in order? Or should it be something in HTML?
It seems to me that the ability to tie HTML objects together this way is more
generic than email or even HTML -- doesn't it make sense to be able to
have checksum URLs inside of other sorts of stuff?
My point was that the construct is indeed reasonable, and ought to be
accomodated somehow.
I agree, and that's why I took steps to address it in the case of content-md5
and message/external-body. I got lucky that the document was up for
review and could be changed. The URL case is harder -- there's no document
up for review as far as I know and I don't think this should have to
wait for that to happen. A new URL type is probably in order here. Any
volunteers to write the spec?
Ned