IETF Logo Mail Archive

Re: [DNSOP] New draft on representing DNS messages in JSON

Paul Hoffman <paul.hoffman@vpnc.org> Sat, 06 September 2014 16:02 UTC

Return-Path: <paul.hoffman@vpnc.org>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 63F331A0472 for <dnsop@ietfa.amsl.com>; Sat, 6 Sep 2014 09:02:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.947
X-Spam-Level:
X-Spam-Status: No, score=-0.947 tagged_above=-999 required=5 tests=[BAYES_50=0.8, HELO_MISMATCH_COM=0.553, RCVD_IN_DNSWL_MED=-2.3] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5HH0-dM0WlzM for <dnsop@ietfa.amsl.com>; Sat, 6 Sep 2014 09:02:12 -0700 (PDT)
Received: from proper.com (Hoffman.Proper.COM [207.182.41.81]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 809381A0466 for <dnsop@ietf.org>; Sat, 6 Sep 2014 09:02:12 -0700 (PDT)
Received: from [10.20.30.90] (142-254-17-22.dsl.dynamic.fusionbroadband.com [142.254.17.22]) (authenticated bits=0) by proper.com (8.14.9/8.14.7) with ESMTP id s86G23Fl027954 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO); Sat, 6 Sep 2014 09:02:06 -0700 (MST) (envelope-from paul.hoffman@vpnc.org)
X-Authentication-Warning: proper.com: Host 142-254-17-22.dsl.dynamic.fusionbroadband.com [142.254.17.22] claimed to be [10.20.30.90]
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.6\))
From: Paul Hoffman <paul.hoffman@vpnc.org>
In-Reply-To: <21515.5128.207638.132193@guava.gson.org>
Date: Sat, 06 Sep 2014 09:02:02 -0700
Content-Transfer-Encoding: quoted-printable
Message-Id: <49C5E3D2-A6DC-43BD-9C04-8CE64353844E@vpnc.org>
References: <B4ACD73A-25EF-4063-81D4-DCFE6DB78AB1@vpnc.org> <E87141BE-71E6-4F6F-9506-257A9FA681B7@vpnc.org> <21515.5128.207638.132193@guava.gson.org>
To: Andreas Gustafsson <gson@araneus.fi>
X-Mailer: Apple Mail (2.1878.6)
Archived-At: http://mailarchive.ietf.org/arch/msg/dnsop/TYPxvTrsks-voUQKZEB0U88Fdno
Cc: Shane Kerr <shane@time-travellers.org>, dnsop <dnsop@ietf.org>
Subject: Re: [DNSOP] New draft on representing DNS messages in JSON
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 06 Sep 2014 16:02:14 -0000

Thanks for the comments!

On Sep 6, 2014, at 7:02 AM, Andreas Gustafsson <gson@araneus.fi> wrote:

> In draft-hoffman-dns-in-json-01.txt, Section 2.5, Paul Hoffman wrote:
>>  Given this, there are many possible choices for how to represent
>>  domain names in JSON in a human-readable fashion.  In this list,
>>  exampes are given for the label that has six octets 0x4341743A7FB52E
>>  under the TLD "example".  Some examples are:
>> 
>>  o  Show the character for all octets that are ASCII displayable
>>     characters (0x21 to 0x7E, but not 0x2E), and the RFC 1035 "\DDD"
>>     escaping for all other octets: "CAt:\D127\D181\D046.example."
> 
> There is no literal D in the \DDD encoding, so the final string should
> read "CAt:\127\181\046.example."
> 
>>  o  Show the character for all octets that are ASCII displayable
>>     characters (0x21 to 0x7E, but not 0x2E), and the normal JSON
>>     escaping for all other octets: "CAt:&u007f&u00b5&u002e.example."
> 
> The normal JSON escaping uses backslashes, not ampersands, and so
> would result in "CAt:\u007f\u00b5\u002e.example.".  

You are, of course, right on both of those. Fixed in the next version of the draft.

> But unless you are
> actually suggesting a second layer of JSON-like escaping on top of
> that applied by the JSON encoder, this will not work.  

Fully agree. That's why I used the examples in the paragraph preceding this. It is unlikely that anyone would want to see a string with an unprintable character in it, particularly a DEL character, but that is what you could get if you relied on the JSON encoder. Even if that was OK with you, the other example (turning 0xC2 0xB5 into 0xB5) seems terribly dangerous.

> Firstly, when
> using a standard JSON encoder, you do not have control over which
> characters get escaped and which do not.  Secondly, even if you did
> manage to produce a JSON document where "." and "\u002e" are intended
> to mean different things, when that document is read by a standard
> JSON decoder, they will result in identical string objects, and the
> distinction will be lost.

Exactly right.

Shane, does this all convince you that \u encoding would be a bad idea?

--Paul Hoffman

v2.23.0 | Report a Bug | By Email