IETF Logo Mail Archive

Re: [Json] The names within an object SHOULD be unique.

Nico Williams <nico@cryptonector.com> Mon, 10 June 2013 17:43 UTC

Return-Path: <nico@cryptonector.com>
X-Original-To: json@ietfa.amsl.com
Delivered-To: json@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 80EED21F8ECB for <json@ietfa.amsl.com>; Mon, 10 Jun 2013 10:43:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.957
X-Spam-Level:
X-Spam-Status: No, score=-1.957 tagged_above=-999 required=5 tests=[AWL=0.020, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IrmjqWm8+spL for <json@ietfa.amsl.com>; Mon, 10 Jun 2013 10:43:48 -0700 (PDT)
Received: from homiemail-a29.g.dreamhost.com (caiajhbdcaid.dreamhost.com [208.97.132.83]) by ietfa.amsl.com (Postfix) with ESMTP id 6238821F8EF7 for <json@ietf.org>; Mon, 10 Jun 2013 10:43:48 -0700 (PDT)
Received: from homiemail-a29.g.dreamhost.com (localhost [127.0.0.1]) by homiemail-a29.g.dreamhost.com (Postfix) with ESMTP id B9738674060 for <json@ietf.org>; Mon, 10 Jun 2013 10:43:38 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=cryptonector.com; h= mime-version:in-reply-to:references:date:message-id:subject:from :to:cc:content-type; s=cryptonector.com; bh=5qYuKfwxwBkSo/HlYu/3 PJI0SuE=; b=BYSAcyMGT/lbwHKM5+EDf1wMOK8wfSAz0XTH6rHp28UOqJeaT3z/ JAh25uFEfJeEfSMB+hTu3MxHd5ny/l5nHBssVw0we+YjA7sstFrY8OaV3dx57AGh jw5etLc1tFB0xBSOre7KF068o9ltgTQnM98laYymezkXOiyE6YFzTss=
Received: from mail-we0-f176.google.com (mail-we0-f176.google.com [74.125.82.176]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: nico@cryptonector.com) by homiemail-a29.g.dreamhost.com (Postfix) with ESMTPSA id 1E718674070 for <json@ietf.org>; Mon, 10 Jun 2013 10:43:36 -0700 (PDT)
Received: by mail-we0-f176.google.com with SMTP id t56so5121418wes.35 for <json@ietf.org>; Mon, 10 Jun 2013 10:43:34 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=zCr+6vKOLkLbNtcwWm7IQuyqFF/uSXKBElhSj32lImc=; b=AI8kz1tZ/UndT9E+MnC+mjEk+k1Jr3QlX+d7kMhragADEPGw5KbVai+Yi0T/JKSfq/ 3dd6fJ3iKUX34eILQGnbvxZGw51duPK9tl6ziqVtjyCdWt9RCN3lds6mIKXUu8ivqvpv tMAMvoiUlHsH/IzUiUPgRpa32YN83MmUtEOePMMPKcJda8leiahvqNr5zMiXC7KdevSg 4zSPEL5O/tJ1ly3aeLJlcil6W85h0N0wSRqBTNBoKcbZE8Rdi3F3OQWuUmikD3QLqKem KEorxjhjaNvnd/+fm82pqIi+ikHifdnnlBjacvX3lhCnlp1Y25Y8lxfNbYGfnMv5vO1q 3ctA==
MIME-Version: 1.0
X-Received: by 10.180.185.225 with SMTP id ff1mr5245237wic.36.1370886214115; Mon, 10 Jun 2013 10:43:34 -0700 (PDT)
Received: by 10.216.63.136 with HTTP; Mon, 10 Jun 2013 10:43:33 -0700 (PDT)
In-Reply-To: <CA+mHimNh26EUy4OxV1oSLNKvuz3VAsJjdte5ZFriTMc5HU9dRA@mail.gmail.com>
References: <51AF8479.5080002@crockford.com> <CAK3OfOgtYoPRZ-Gj5G8AnNipDyxYs=6_KD=rQTxKbhDPX6FZNA@mail.gmail.com> <51b1168c.e686440a.5339.5fc4SMTPIN_ADDED_BROKEN@mx.google.com> <CAK3OfOhL3zXHfg9EEDWLXhjLQ1aBvvxikKAiR+nUpDHJaVh+Qg@mail.gmail.com> <51B1B47C.9060009@drees.name> <C86A9758-5BEF-415C-BD17-DC5E757FAA7E@yahoo.com> <51B1E909.2010402@drees.name> <CA+mHimN9=VZu4RRWcnk2F_uMi-+E-LDN2stb1MFNDP+o1R0WSg@mail.gmail.com> <51B1FE6A.80409@drees.name> <CA+mHimNuDwTF96v0PnEvFusCw-KEFT6QF4R9UeZ+8nbETB7oBw@mail.gmail.com> <51B45FAA.4070900@drees.name> <CA+mHimOBfb1RZhp6rYpL83rnHhrjNTeTeomi4hAv9avsYROE5A@mail.gmail.com> <62F282B7-11AA-44F8-A03B-201F2DAE51B5@vpnc.org> <CA+mHimNh26EUy4OxV1oSLNKvuz3VAsJjdte5ZFriTMc5HU9dRA@mail.gmail.com>
Date: Mon, 10 Jun 2013 12:43:33 -0500
Message-ID: <CAK3OfOi3tnRKHTFyESpks6zdHu106vDNpjptGxZds3cmE2JD3w@mail.gmail.com>
From: Nico Williams <nico@cryptonector.com>
To: Stephen Dolan <stephen.dolan@cl.cam.ac.uk>
Content-Type: text/plain; charset="UTF-8"
Cc: Paul Hoffman <paul.hoffman@vpnc.org>, "json@ietf.org" <json@ietf.org>
Subject: Re: [Json] The names within an object SHOULD be unique.
X-BeenThere: json@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "JavaScript Object Notation \(JSON\) WG mailing list" <json.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/json>, <mailto:json-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/json>
List-Post: <mailto:json@ietf.org>
List-Help: <mailto:json-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/json>, <mailto:json-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 10 Jun 2013 17:43:53 -0000

On Mon, Jun 10, 2013 at 12:08 PM, Stephen Dolan
<stephen.dolan@cl.cam.ac.uk> wrote:
> On Mon, Jun 10, 2013 at 6:01 PM, Paul Hoffman <paul.hoffman@vpnc.org> wrote:
>> <no hat>
>>
>> On Jun 10, 2013, at 9:55 AM, Stephen Dolan <stephen.dolan@cl.cam.ac.uk> wrote:
>>
>>> The issue is, that currently there exists a JSON document which one
>>> RFC-conforming correct JSON parser can say is indistinguishable from
>>> {a: true}, and another equally RFC-conforming correct JSON parser can
>>> say is indistinguishable from {a: false}.
>>>
>>> While my example might not have been great, this still seems easily
>>> exploitable: two parsers parsing a supposedly standard format can be
>>> tricked into seeing completely different results from the same input.
>>> Surely it would be better if we could say that one of those parsers
>>> was not RFC-conforming?
>>
>> Stated that narrowly, yes. But given your first paragraph, the comparison might be
>> more fully stated as "would it be better if we could says that one of these parsers was
>> not RFC-conforming if making such a statement caused what was a stored valid
>> JSON text now non-valid".
>
> I don't propose making any stored valid JSON text become non-valid.
> {a: true, a: false} is currently a valid JSON text, and it should
> remain so or things would break.
>
> Some JSON parsers consider that document distinguishable from {a:
> false} (e.g. streaming parsers that return all key/value pairs). Most
> of them don't.
>
> I propose that it be invalid to consider that document
> indistinguishable from {a: true}. Parsers are free to accept or reject
> it, and if they accept it they are free to return either one or two
> "a" entries, but if they only return one it must be {a: false}.

More briefly: {"a": true, "a": false} MAY be indistinguishable from
either {"a": true, "a": false} or from {"a": false}, but MUST NOT be
indistinguishable from {"a": true}.

That would allow a streaming parser application like this:

while ((name, value) = parser.nextPair()) {
    doCommand(name, value);
}

But not one like this, which I doubt anyone will argue should be allowed:

while ((name, value) = parser.nextPair()) {
    if (hash[name])
        continue;
    hash[name] = value;
    doCommand(name, value);
}

But what about this:

while ((name, value) = parser.nextPair()) {
    if (hash[name])
        throw "duplicate names!";
    hash[name] = value;
    doCommand(name, value);
}

Here {"a": true, "a": false} would be distinguished from {"a": true}
only by the error thrown, but the doCommand("a", true) action will
have run.  Is this invalidated by your construction?  I think it's
not, and one could make a reasonable argument that it should not be.
(In particular {"a": true, "a": false, "b": null} would be equivalent
to {"a": true} + an exception in this last case, but it would be
distinct from {"a": true, "b": null}.)

+1 from me.

v2.23.0 | Report a Bug | By Email