IETF Logo Mail Archive

Re: [Json-canon] [EXT] Re: Support for a WG

Samuel Erdtman <samuel@erdtman.se> Thu, 24 January 2019 06:17 UTC

Return-Path: <samuel@erdtman.se>
X-Original-To: json-canon@ietfa.amsl.com
Delivered-To: json-canon@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6FEDA1310AC for <json-canon@ietfa.amsl.com>; Wed, 23 Jan 2019 22:17:36 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.04
X-Spam-Level:
X-Spam-Status: No, score=-2.04 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.142, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=erdtman-se.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dyr3wSFJnsGJ for <json-canon@ietfa.amsl.com>; Wed, 23 Jan 2019 22:17:33 -0800 (PST)
Received: from mail-pg1-x535.google.com (mail-pg1-x535.google.com [IPv6:2607:f8b0:4864:20::535]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 94CDD130E1C for <json-canon@ietf.org>; Wed, 23 Jan 2019 22:17:33 -0800 (PST)
Received: by mail-pg1-x535.google.com with SMTP id c25so2223251pgb.4 for <json-canon@ietf.org>; Wed, 23 Jan 2019 22:17:33 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=erdtman-se.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=bmzk79wLgILO92+BJ1c+DZDfHJPkepzdLIuBFUcZnf8=; b=vQOI/Z4KaMCEL28b9neCh6Ysub/v5DRSObbkOR09y7XDgFTWo4xfO1rEh8V3zcE7te X1V3XmrF79J2IERxLkN4ShWbOQJTI5+Rx4Mj2yj87vqRy13rE/Q45gpT8xA11KFx9Eyt c1eRInyHlktAxVdeWFF89Zf6x2w+2Emmc1XJAtmCwqF5gsWD6xPOg9O44dnxetvMfblS /5xkxIVdt6njjfhLhZ6iFw8BMFAp8zPjWb2qB/SaMiwlloei/3vKmkREuWf3m//d/86t ln9pNbZVnd8K0bl6TG92i6urfT3bfnQg464PTbSS15WVp5kkCXzVjUW3KJjO+xsdsBrK 1eKg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=bmzk79wLgILO92+BJ1c+DZDfHJPkepzdLIuBFUcZnf8=; b=ewIRzu2w9CVSLJ5pUQwoYOPd3UWcSchUxVjl6Uqlkhd0yST6sJXFZHKTOJLU32y03D EIdORXRX80msWQTMCxcxkHoHQ/Gip4uIJZgUyaK8TvsmZppDqnFYAwzjXF+D+TjgENaK 5ThzcBHjFzjXKHYzGiyZ7evru0EdXdewEHlyBuG/5rSYKAHAmwa+pfP2IEd3Iab450Zs murNlQgozNg4l8MK6G0LvGMp4JA7lDXYwE7pdmoqzNdBkghEbRm2kHfO2OCHTBAJb0cE hm3vBvYRxsrzBPARJMhjkEKljBhZ91uhGpECgEWI77qWHfQQrNsiiUrgagCgh7zUPerx 15ew==
X-Gm-Message-State: AJcUukdG4URZ7CAz4zzasSJVYEYAhpJwzPbdA/M5rnJasmy8FNQojTu0 SbCrLcukcWKwP13utkiSnWOYqLfcSy8Mf7ujLIBYpA==
X-Google-Smtp-Source: ALg8bN5Xa5xCIG6imPpof/GK1FdESknJm4snLFRNmu9r+Kjp4PNOGDGC57qlP4M1WBWzKH4bsxN4miNE0EXmQJHaJjQ=
X-Received: by 2002:a62:1f97:: with SMTP id l23mr5130711pfj.13.1548310652659; Wed, 23 Jan 2019 22:17:32 -0800 (PST)
MIME-Version: 1.0
References: <38C84459-3D2E-4E78-BF48-FE277388E33A@contoso.com> <21415_1547794000_5C417650_21415_473_1_34A23FAA-C8F5-40E3-8358-FD42C5F78126@tzi.org> <60B977A0-0958-4DDF-A666-A44F074E5946@mitre.org> <E7B44CE8-CE81-4AB3-9665-12D1A52FD9C5@lookingglasscyber.com> <CAF2hCbYSDsPf6p56i1uhSBZZQv7jgLdCQGqHmsVi+nzbW3_46A@mail.gmail.com> <866D8EB8-49F6-4353-B502-F3337ACDBF61@lookingglasscyber.com>
In-Reply-To: <866D8EB8-49F6-4353-B502-F3337ACDBF61@lookingglasscyber.com>
From: Samuel Erdtman <samuel@erdtman.se>
Date: Thu, 24 Jan 2019 07:17:21 +0100
Message-ID: <CAF2hCbZCxCL7CxtFWYwp-hwEio_PQev=jFgX9K_7NQneNLMzXQ@mail.gmail.com>
To: Allan Thomson <athomson@lookingglasscyber.com>
Cc: "Struse, Richard J." <rjs@mitre.org>, Carsten Bormann <cabo@tzi.org>, "json-canon@ietf.org" <json-canon@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000074415a05802e2a9d"
Archived-At: <https://mailarchive.ietf.org/arch/msg/json-canon/yI2bzg7yu5Rmr2GnpQiHbijoFmw>
Subject: Re: [Json-canon] [EXT] Re: Support for a WG
X-BeenThere: json-canon@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: JSON Canonicalization <json-canon.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/json-canon>, <mailto:json-canon-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/json-canon/>
List-Post: <mailto:json-canon@ietf.org>
List-Help: <mailto:json-canon-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/json-canon>, <mailto:json-canon-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 24 Jan 2019 06:17:37 -0000

Thanks for the followup Allan.

In my opinion the application layer schemas for defining what the JSON can
look like (optional values different values meaning the same thing etc),
should be verified by application layer. I would like to keep the
canonicalization (and potential signatures) at the level where they say the
JSON has not changed.

When it comes to empty empty values I think those are values too, they
might convey some meaning to the application layer.and with empty I mean
{"empty": ""}. And since I do not want the canonicalization to be involved
with application level details optional attributes are not a concept.

Does that make sense?

Cheers
//Samuel





On Tue, Jan 22, 2019 at 5:47 PM Allan Thomson <
athomson@lookingglasscyber.com> wrote:

> I’m not sure how you can create a consistent hash value without
> considering how empty/optional fields in a JSON structure are treated
> consistently across implementations.
>
>
>
> So if the same optional/empty fields exist from 2 different
> vendors/instances then do they end up with the same hash?
>
>
>
> Allan
>
>
>
> *From: *Samuel Erdtman <samuel@erdtman.se>
> *Date: *Tuesday, January 22, 2019 at 8:37 AM
> *To: *Allan Thomson <athomson@lookingglasscyber.com>
> *Cc: *"Struse, Richard J." <rjs@mitre.org>, Carsten Bormann <cabo@tzi.org>,
> "json-canon@ietf.org" <json-canon@ietf.org>
> *Subject: *Re: [Json-canon] [EXT] Re: Support for a WG
>
>
>
> I do not think we should go into schemas, that is one of the things that
> makes XMLDigSig inconvenient. But instead keep to simple JSON stringifying
> with predictable result.
>
> On Tue, 22 Jan 2019 at 16:19, Allan Thomson <
> athomson@lookingglasscyber.com> wrote:
>
> Particularly important in what Rich says is also is to ensure the same
> hash is created where those JSON objects have optional or empty/missing
> properties that are defined in the schema of the object.
>
> Regards
>
> Allan
>
> On 1/22/19, 4:31 AM, "json-canon on behalf of Struse, Richard J." <
> json-canon-bounces@ietf.org on behalf of rjs@mitre.org> wrote:
>
>     The use case is to enable other standards that use a JSON
> serialization to be able to count on two objects, each with the same
> contents, having the same hash value based on their representation in JSON.
>
>     Does that help?
>
>     On 1/18/19, 1:47 AM, "Carsten Bormann" <cabo@tzi.org> wrote:
>
>         On Jan 18, 2019, at 03:50, Struse, Richard J. <rjs@mitre.org>
> wrote:
>         >
>         > A standardized deterministic canonicalization of JSON data
> streams is essential
>
>         For what?
>
>         I think we would all benefit if you could explain your use case.
>
>         Grüße, Carsten
>
>
>
>     --
>     json-canon mailing list
>     json-canon@ietf.org
>     https://www.ietf.org/mailman/listinfo/json-canon
>
>
> --
> json-canon mailing list
> json-canon@ietf.org
> https://www.ietf.org/mailman/listinfo/json-canon
>
>

v2.23.0 | Report a Bug | By Email