Re: [Json] Canonicalization
Mike Jones <Michael.Jones@microsoft.com> Wed, 20 February 2013 03:56 UTC
Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: json@ietfa.amsl.com
Delivered-To: json@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BEEB721F8855 for <json@ietfa.amsl.com>; Tue, 19 Feb 2013 19:56:25 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.498
X-Spam-Level:
X-Spam-Status: No, score=-2.498 tagged_above=-999 required=5 tests=[AWL=0.100, BAYES_00=-2.599, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iadc9Awc3kqU for <json@ietfa.amsl.com>; Tue, 19 Feb 2013 19:56:24 -0800 (PST)
Received: from na01-by2-obe.outbound.protection.outlook.com (na01-by2-obe.ptr.protection.outlook.com [207.46.100.30]) by ietfa.amsl.com (Postfix) with ESMTP id 9C8FA21F8853 for <json@ietf.org>; Tue, 19 Feb 2013 19:56:24 -0800 (PST)
Received: from BL2FFO11FD007.protection.gbl (10.173.161.204) by BL2FFO11HUB014.protection.gbl (10.173.160.106) with Microsoft SMTP Server (TLS) id 15.0.620.12; Wed, 20 Feb 2013 03:56:21 +0000
Received: from TK5EX14HUBC104.redmond.corp.microsoft.com (131.107.125.37) by BL2FFO11FD007.mail.protection.outlook.com (10.173.161.3) with Microsoft SMTP Server (TLS) id 15.0.620.12 via Frontend Transport; Wed, 20 Feb 2013 03:56:21 +0000
Received: from TK5EX14MBXC284.redmond.corp.microsoft.com ([169.254.1.96]) by TK5EX14HUBC104.redmond.corp.microsoft.com ([157.54.80.25]) with mapi id 14.02.0318.003; Wed, 20 Feb 2013 03:56:09 +0000
From: Mike Jones <Michael.Jones@microsoft.com>
To: "Paul C. Bryan" <pbryan@anode.ca>, Tim Bray <tbray@textuality.com>, Nico Williams <nico@cryptonector.com>
Thread-Topic: [Json] Canonicalization
Thread-Index: AQHODxli7EFk+IKM5U2ZmOMMlqjPFpiCHjrq
Date: Wed, 20 Feb 2013 03:56:08 +0000
Message-ID: <4E1F6AAD24975D4BA5B168042967394367478431@TK5EX14MBXC284.redmond.corp.microsoft.com>
References: <fa2gnjyy06b79yjgpt7531ot.1361330494445@email.android.com>
In-Reply-To: <fa2gnjyy06b79yjgpt7531ot.1361330494445@email.android.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Content-Type: multipart/alternative; boundary="_000_4E1F6AAD24975D4BA5B168042967394367478431TK5EX14MBXC284r_"
MIME-Version: 1.0
X-Forefront-Antispam-Report: CIP:131.107.125.37; CTRY:US; IPV:CAL; IPV:NLI; EFV:NLI; SFV:NSPM; SFS:(479174001)(377454001)(51704002)(199002)(189002)(24454001)(74662001)(74502001)(54356001)(79102001)(54316002)(51856001)(56776001)(80022001)(512944001)(55846006)(46102001)(50986001)(16236675001)(56816002)(49866001)(47976001)(47736001)(4396001)(33656001)(5343655001)(31966008)(16406001)(65816001)(53806001)(47446002)(5343635001)(76482001)(77982001)(44976002)(59766001)(20776003)(63696002); DIR:OUT; SFP:; SCL:1; SRVR:BL2FFO11HUB014; H:TK5EX14HUBC104.redmond.corp.microsoft.com; RD:InfoDomainNonexistent; A:1; MX:1; LANG:en;
X-OriginatorOrg: microsoft.onmicrosoft.com
X-Forefront-PRVS: 07630F72AD
Cc: Francis Galiegue <fgaliegue@gmail.com>, Paul Hoffman <paul.hoffman@vpnc.org>, "json@ietf.org" <json@ietf.org>
Subject: Re: [Json] Canonicalization
X-BeenThere: json@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Discussion related to JavaScript Object Notation \(JSON\)." <json.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/json>, <mailto:json-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/json>
List-Post: <mailto:json@ietf.org>
List-Help: <mailto:json-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/json>, <mailto:json-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 Feb 2013 03:56:25 -0000
+1 ________________________________ From: Paul C. Bryan Sent: 2/19/2013 7:21 PM To: Tim Bray; Nico Williams Cc: Francis Galiegue; Paul Hoffman; json@ietf.org Subject: Re: [Json] Canonicalization +1 Tim Bray <tbray@textuality.com> wrote: >OK, this discussion has convinced me that there’s no real need for this >group to proactively take up JSON c14n. If at some future point there’s a >strong demonstrated real (not hypothetical) use case, it’s a fairly >tractable problem. But for now, it’s unnecessary work. > >-T > > >On Tue, Feb 19, 2013 at 7:11 PM, Nico Williams <nico@cryptonector.com>wrote: > >> On Tue, Feb 19, 2013 at 9:00 PM, Francis Galiegue <fgaliegue@gmail.com> >> wrote: >> > On Wed, Feb 20, 2013 at 3:36 AM, Nico Williams <nico@cryptonector.com> >> wrote: >> > [...] >> >> >> >> Yes and no. If the verifier and the signer both have the same >> >> document then no c14n is needed. If the verifier must reconstruct the >> >> signed document -as opposed to receiving it from the signer- then the >> >> verifier must reconstruct exactly the signed document or the signature >> >> will not verify. >> >> >> > >> > There is one thing I don't get: in any case, what is transmitted over >> > the network is just a stream of bytes. One end writes that stream, the >> > other reads it. >> >> No, in this one case the two ends construct some data. A good example >> would be channel bindings (RFCs 5056, 5929), except that mostly that >> has no structure, so it's not really a good example after all, but it >> illustrates the point. >> >> > In order for the receiving end to interpret that data, should signing >> > be used, it needs to verify that the _byte stream_, not its >> > interpretation, is correct. That byte stream MAY be JSON. It may not >> > be. >> >> That's just it: in this case the data isn't transmitted, only the >> signature. There's many protocols that transmit signatures (or >> hashes) but not necessarily contents. E.g., rsync. What if you had a >> JSON-based synchronization protocol and you're sending file metadata, >> only there's a lot of it (e.g., large ACLs), and you're trying to >> avoid sending it, so you send file names and metadata hashes, and if >> the receiver's don't match then you send the actual metadata? >> >> Nico >> -- >> _______________________________________________ >> json mailing list >> json@ietf.org >> https://www.ietf.org/mailman/listinfo/json >> _______________________________________________ json mailing list json@ietf.org https://www.ietf.org/mailman/listinfo/json
- Re: [Json] Canonicalization Paul C. Bryan
- Re: [Json] Canonicalization Mike Jones