"Richard Brodie" <R.Brodie at rl.ac.uk> writes: > Why not write the field as algorithm:value? > e.g. sha1:8590b685654367e3eba70dc00df7e45e88c21da4 This is reasonable, though I would deprecate md5 and sha1 already, and start with sha256.