It would be clumsy to insist on the signature of whole web pages, so instead we propose to use HTML elements [HTML] to define the borders of the hashed section of the document as well as other features of the hashing mechanism:
There can be as many HASH elements as hashing algorithms. Attributes of the HASH element:
HASHMETHOD, HASHVALUE and HASHPARENT have the same meaning as the METHOD, VALUE and PARENT attributes of the HASH element.
Figure 1: Publishing medical information. The publisher issues a catalogue every few months which lists all titles published, together with their hash values. The hash of the catalogue has to be distributed a trusted way, by being published in a paper journal, and signed using a long-term key.
Simplified, the way to protect part of the web page will look like:
The examination results for the second MB
degree examination are as follows:
<HASH METHOD="SHA-1" VALUE="12345678..."
<HASH METHOD="TIGER" VALUE="987654321..."
One of the URLs that refer to this page might look something like:
HASHPARENT="https://www.cert.med.ac.uk">here </A>for the list of candidates who have
satisfied the requirements for the degrees
of MB and BS.
Checking a hash involves computing the hash value on all the bytes of an HTML document between the hash-input border tags and comparing the HTML document's URL against the value specified within the hash-input. This value is then verified against the value held in the reference in the parent document.
We call this URL-with-hash combination an ERL or `eternal resource locator' as it makes static objects unique for ever. Dynamic objects are slightly more complex.