Re: [apps-discuss] Review of draft-ietf-appsawg-json-pointer
"Martin J. Dürst" <duerst@it.aoyama.ac.jp> Fri, 16 November 2012 05:19 UTC
Return-Path: <duerst@it.aoyama.ac.jp>
X-Original-To: apps-discuss@ietfa.amsl.com
Delivered-To: apps-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C263721E8043 for <apps-discuss@ietfa.amsl.com>; Thu, 15 Nov 2012 21:19:45 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -100.637
X-Spam-Level:
X-Spam-Status: No, score=-100.637 tagged_above=-999 required=5 tests=[AWL=-0.847, BAYES_00=-2.599, HELO_EQ_JP=1.244, HOST_EQ_JP=1.265, MIME_8BIT_HEADER=0.3, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UuRh+kBrVTZp for <apps-discuss@ietfa.amsl.com>; Thu, 15 Nov 2012 21:19:45 -0800 (PST)
Received: from scintmta01.scbb.aoyama.ac.jp (scintmta01.scbb.aoyama.ac.jp [133.2.253.33]) by ietfa.amsl.com (Postfix) with ESMTP id 2101F21E802E for <apps-discuss@ietf.org>; Thu, 15 Nov 2012 21:19:44 -0800 (PST)
Received: from scmse01.scbb.aoyama.ac.jp ([133.2.253.231]) by scintmta01.scbb.aoyama.ac.jp (secret/secret) with SMTP id qAG5JX91017406 for <apps-discuss@ietf.org>; Fri, 16 Nov 2012 14:19:35 +0900
Received: from (unknown [133.2.206.133]) by scmse01.scbb.aoyama.ac.jp with smtp id 42fa_7332_34fcff2c_2fad_11e2_9855_001d096c566a; Fri, 16 Nov 2012 14:19:33 +0900
Received: from [IPv6:::1] ([133.2.210.1]:59669) by itmail.it.aoyama.ac.jp with [XMail 1.22 ESMTP Server] id <S16152FE> for <apps-discuss@ietf.org> from <duerst@it.aoyama.ac.jp>; Fri, 16 Nov 2012 14:19:36 +0900
Message-ID: <50A5CCDE.6090905@it.aoyama.ac.jp>
Date: Fri, 16 Nov 2012 14:19:26 +0900
From: "\"Martin J. Dürst\"" <duerst@it.aoyama.ac.jp>
Organization: Aoyama Gakuin University
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.9) Gecko/20100722 Eudora/3.0.4
MIME-Version: 1.0
To: Paul Hoffman <paul.hoffman@vpnc.org>
References: <D8B6B887-7206-4197-B78D-7E2B38A20EF9@vpnc.org>
In-Reply-To: <D8B6B887-7206-4197-B78D-7E2B38A20EF9@vpnc.org>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Cc: "apps-discuss@ietf.org Discuss" <apps-discuss@ietf.org>
Subject: Re: [apps-discuss] Review of draft-ietf-appsawg-json-pointer
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/apps-discuss>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 16 Nov 2012 05:19:45 -0000
On 2012/11/16 0:24, Paul Hoffman wrote: > - One of the security considerations is too limited. > Note that JSON pointers can contain the NUL (Unicode U+0000) > character, which may not be representable in all programming > languages. > The same is true for all control characters, and for some programming languages, all non-ASCII characters. Proposed rewording: > Note that JSON pointers can contain the NUL (Unicode U+0000) > character, control characters, non-ASCII characters, and so > on. These characters may not be representable in all programming > languages. I have to disagree here. There may indeed be programming languages that cannot handle non-ASCII characters. But these days, this means that they are very much fringe languages. On the other hand, there are also programming languages, or implementations of programming languages, that cannot handle ASCII (think EBCDIC machines). The original warning, although it doesn't say so explicitly, is more or less specifically about string representation in C. C is an extremely widely used programming language, and its usual string representation takes the null byte to signal the end of a string. So the warning essentially just reads: If you language happens to use a null byte to signal the end of a string (e.g. like in C) then you may have to be careful and invest additional effort (e.g. use a string library that handles null bytes, too). Same applies to wide strings and null 16-bit or 32-bit units. So I don't think it's a good idea to widen this warning. Regards, Martin.
- [apps-discuss] Review of draft-ietf-appsawg-json-… Paul Hoffman
- Re: [apps-discuss] Review of draft-ietf-appsawg-j… James M Snell
- Re: [apps-discuss] Review of draft-ietf-appsawg-j… Paul Hoffman
- Re: [apps-discuss] Review of draft-ietf-appsawg-j… James M Snell
- Re: [apps-discuss] Review of draft-ietf-appsawg-j… Paul Hoffman
- Re: [apps-discuss] Review of draft-ietf-appsawg-j… Manger, James H
- Re: [apps-discuss] Review of draft-ietf-appsawg-j… Mark Nottingham
- Re: [apps-discuss] Review of draft-ietf-appsawg-j… Manger, James H
- Re: [apps-discuss] Review of draft-ietf-appsawg-j… Martin J. Dürst
- Re: [apps-discuss] Review of draft-ietf-appsawg-j… Mark Nottingham