Features/HTTP Digest header verification: Difference between revisions

Jump to navigation Jump to search

Features/HTTP Digest header verification (view source)

Revision as of 02:58, 17 April 2013

310 bytes added ,  17 April 2013
update use cases
(please save this time)
(update use cases)
Line 7: Line 7:


A number of download programs support the 'Digest' header and this behavior already.
A number of download programs support the 'Digest' header and this behavior already.
|Feature users and use cases=Current behavior: A user downloads a file but it doesn't seem to work. The support group of the project the file was downloaded for suggests the user manually validates the hash. If the user is on Windows, they must download a separate program to do this. If the user is on Linux/Unix, they must open a terminal and type a command with a long string of letters and numbers. If the long string doesn't match, they need to download the file again.
|Feature users and use cases=Jim downloads LibreOffice but the file doesn't seem to work. Jim contacts the LibreOffice support group and they suggest that Jim manually validates the hash. Jim uses Microsoft Windows, so they tell him to download a small program since nothing comes with the OS to do this. Jim installs the program, and after figuring out how to use it & select the file to hash, figures out that the download is corrupt. He contacts LibreOffice support & they tell him to re-download the file again, and manually check it again until the hash is correct. Jim has an unreliable internet connection, so it isn't until his third try that the download completes without errors.


Behavior with this feature: User initiates a binary file download. A hash is supplied in a 'Digest' header. Once the download completes successfully, Firefox automatically uses the hash to validate the file. If there is an error during transfer, a retry option can be given. If the file is complete and without errors, it can be shown as a typical completed download.
Janie downloads VLC and as a technical user, she recognizes the SHA-1 hash on the download page: http://get.videolan.org/vlc/2.0.6/macosx/vlc-2.0.6.dmg
 
See http://get.videolan.org/vlc/2.0.6/macosx/vlc-2.0.6.dmg


"If you have a problem, click here. SHA-1 checksum: 65742a2194185790925a4dcd6105ca27eb3e386a"
"If you have a problem, click here. SHA-1 checksum: 65742a2194185790925a4dcd6105ca27eb3e386a"


http://download.documentfoundation.org/libreoffice/stable/4.0.2/mac/x86/LibreOffice_4.0.2_MacOS_x86.dmg.mirrorlist
As a seasoned Linux user, she knows she may open a terminal and type a command to manually verify that the download completed without errors. Luckily there are no errors, so she uses the file. Janie wishes her browser automatically took care of this for her, even though she knows how to do it.


"SHA-256 Hash: 98a8a7a6aed21d173bf0e8b06d0ff30dcd807550837e41e72670affa8bdd71b6
Behavior with this feature: User initiates a binary file download. A hash is supplied in a 'Digest' header. Once the download completes successfully, Firefox automatically uses the hash to validate the file. If there is an error during transfer, a retry option can be given. If the file is complete and without errors, it can be shown as a typical completed download.
SHA-1 Hash: 7d1997d3831b3ff17642a14ea891ad2d4d899eb2
MD5 Hash: a183b43533db2a20701c42185a44b37e"
}}
}}
{{FeatureInfo}}
{{FeatureInfo}}
{{FeatureTeamStatus}}
{{FeatureTeamStatus}}
Antbryan
4

edits

Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/647210"

Navigation menu