Provide hash for HTTP/HTTPS content URIs

[justinmeiners]

Although most examples host content on IPFS, the spec suggests that other hosts such as HTTP could be used.

Any URI which contains a cryptographic hash which can be used to verify the integrity of the content found at the URI.

My question is, how should this be applied to HTTP/HTTPS? For example, to pull content from Github, I would also like to verify the download with a hash. How could I specify this hash?

[njgheorghita]

In my opinion, it's really left up to the implementer to verify http(s) content however they desire. In py-ethpm we require http(s) uris to conform to this scheme. This definitely might change down the road, but for now it's what we're going with

[njgheorghita]

You can also check out the Manifest URIs section of the ERC for another option.

[justinmeiners]

@njgheorghita Thanks for this info. I understand its the implementor's job to verify, it would just be nice if there was a standard optional place for putting a hash. Using the URI fragment looks like a good idea.