2023-02-07
[13:12:16.0593] <0x6a61>
> 0x6a61: most browsers support _integrity_ (hashes, not signatures)

My use case is a little bit different. I'd like to have a countermeasure against a compromised web server (in contrast to compromised CDN for which SRI was designed).  The difference is, that the attacker is able to alter HTML files and therefore the SRI attributes.