Features/HTTP Digest header verification

{{#set:Feature name=Hash validation after binary download completes successfully

|Feature stage=` |Feature status=` |Feature version=` |Feature health=` |Feature status note=` }}

{{#set:Feature product manager=`

|Feature feature manager=` |Feature lead engineer=` |Feature security lead=` |Feature privacy lead=` |Feature localization lead=` |Feature accessibility lead=` |Feature qa lead=` |Feature ux lead=` |Feature product marketing lead=` |Feature operations lead=` |Feature additional members=` }}

`

1. Feature overview

Sometimes downloads have an error during transfer. HTTP has a 'Digest' header field (RFC 3230, RFC 5843) which allows a server to give the hash of a file. Firefox could use this hash from the 'Digest' header to validate the file after the binary download completes successfully. If the hashes match, then the file has been transferred without error. If the hashes do not match, then an error has occurred.

A number of download programs support the 'Digest' header and this behavior already.

2. Users & use cases

Current behavior: A user downloads a file but it doesn't seem to work. The support group of the project the file was downloaded for suggests the user manually validates the hash. If the user is on Windows, they must download a separate program to do this. If the user is on Linux/Unix, they must open a terminal and type a command with a long string of letters and numbers. If the long string doesn't match, they need to download the file again.

Behavior with this feature: User initiates a binary file download. A hash is supplied in a 'Digest' header. Once the download completes successfully, Firefox automatically uses the hash to validate the file. If there is an error during transfer, a retry option can be given. If the file is complete and without errors, it can be shown as a typical completed download.

See http://get.videolan.org/vlc/2.0.6/macosx/vlc-2.0.6.dmg

"If you have a problem, click here. SHA-1 checksum: 65742a2194185790925a4dcd6105ca27eb3e386a"

http://download.documentfoundation.org/libreoffice/stable/4.0.2/mac/x86/LibreOffice_4.0.2_MacOS_x86.dmg.mirrorlist

"SHA-256 Hash: 98a8a7a6aed21d173bf0e8b06d0ff30dcd807550837e41e72670affa8bdd71b6 SHA-1 Hash: 7d1997d3831b3ff17642a14ea891ad2d4d899eb2 MD5 Hash: a183b43533db2a20701c42185a44b37e"

3. Dependencies

`

4. Requirements

`

Non-goals

`

5. Functional specification

`

6. User experience design

`

7. Implementation plan

`

8. Reviews

Security review

`

Privacy review

`

Localization review

`

Accessibility

`

Quality Assurance review

`

Operations review

`

9. Implementation

`

10. Landing criteria

` {{#set:Feature open issues and risks=` |Feature overview=Sometimes downloads have an error during transfer. HTTP has a 'Digest' header field (RFC 3230, RFC 5843) which allows a server to give the hash of a file. Firefox could use this hash from the 'Digest' header to validate the file after the binary download completes successfully. If the hashes match, then the file has been transferred without error. If the hashes do not match, then an error has occurred.

A number of download programs support the 'Digest' header and this behavior already. |Feature users and use cases=Current behavior: A user downloads a file but it doesn't seem to work. The support group of the project the file was downloaded for suggests the user manually validates the hash. If the user is on Windows, they must download a separate program to do this. If the user is on Linux/Unix, they must open a terminal and type a command with a long string of letters and numbers. If the long string doesn't match, they need to download the file again.

Behavior with this feature: User initiates a binary file download. A hash is supplied in a 'Digest' header. Once the download completes successfully, Firefox automatically uses the hash to validate the file. If there is an error during transfer, a retry option can be given. If the file is complete and without errors, it can be shown as a typical completed download.

See http://get.videolan.org/vlc/2.0.6/macosx/vlc-2.0.6.dmg

"If you have a problem, click here. SHA-1 checksum: 65742a2194185790925a4dcd6105ca27eb3e386a"

http://download.documentfoundation.org/libreoffice/stable/4.0.2/mac/x86/LibreOffice_4.0.2_MacOS_x86.dmg.mirrorlist

"SHA-256 Hash: 98a8a7a6aed21d173bf0e8b06d0ff30dcd807550837e41e72670affa8bdd71b6 SHA-1 Hash: 7d1997d3831b3ff17642a14ea891ad2d4d899eb2 MD5 Hash: a183b43533db2a20701c42185a44b37e" |Feature dependencies=` |Feature requirements=` |Feature non-goals=` |Feature functional spec=` |Feature ux design=` |Feature implementation plan=` |Feature security review=` |Feature privacy review=` |Feature localization review=` |Feature accessibility review=` |Feature qa review=` |Feature operations review=` |Feature implementation notes=` |Feature landing criteria=` }}

{{#set:Feature priority=`

|Feature rank=999 |Feature theme=` |Feature roadmap=` |Feature secondary roadmap=` |Feature list=` |Feature project=` |Feature engineering team=` }}

{{#set:Feature products status=`

|Feature products notes=` |Feature engineering status=` |Feature engineering notes=` |Feature security status=` |Feature security health=` |Feature security notes=` |Feature privacy status=` |Feature privacy notes=` |Feature localization status=` |Feature localization notes=` |Feature accessibility status=` |Feature accessibility notes=` |Feature qa status=` |Feature qa notes=` |Feature ux status=` |Feature ux notes=` |Feature product marketing status=` |Feature product marketing notes=` |Feature operations status=` |Feature operations notes=` }}