IETF Logo Mail Archive

Re: [Json] The names within an object SHOULD be unique.

"Matt Miller (mamille2)" <mamille2@cisco.com> Fri, 07 June 2013 15:46 UTC

Return-Path: <mamille2@cisco.com>
X-Original-To: json@ietfa.amsl.com
Delivered-To: json@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DA83E21F9346 for <json@ietfa.amsl.com>; Fri, 7 Jun 2013 08:46:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.599
X-Spam-Level:
X-Spam-Status: No, score=-10.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4v59CM04w20e for <json@ietfa.amsl.com>; Fri, 7 Jun 2013 08:46:44 -0700 (PDT)
Received: from rcdn-iport-5.cisco.com (rcdn-iport-5.cisco.com [173.37.86.76]) by ietfa.amsl.com (Postfix) with ESMTP id 3833C21F9485 for <json@ietf.org>; Fri, 7 Jun 2013 08:46:41 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=8921; q=dns/txt; s=iport; t=1370620001; x=1371829601; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=A65Zox7mof/og9WOv61zzSDAx3lIGwZPpRnj49MwFHs=; b=QjwPvPHYWk7AzerEtFDQWhwDZn2QJL1TY0hAdGxFZz8Cc/zCGrHuQKHz 5mqsq9DDXbcbTtqfSDcRt4A+MMP1fzlCwHirVp/lJ7Vf5kxDOFGHTZK/x EgD29rWQbDrZJck8FcXb9FKOaf3KUSA1JUklLrTF/k0bTtEhesJ9+rxha 8=;
X-Files: smime.p7s : 4136
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AhIFANj/sVGtJXG+/2dsb2JhbABZgwkwvnB/FnSCIwEBAQMBAQEBawsFCwIBCBgKJAIlCyUCBA4FCAaHeQYMvHYEjwcxB4J7YQOQAYEsl1WDD4FqJBk
X-IronPort-AV: E=Sophos; i="4.87,822,1363132800"; d="p7s'?scan'208"; a="220095142"
Received: from rcdn-core2-3.cisco.com ([173.37.113.190]) by rcdn-iport-5.cisco.com with ESMTP; 07 Jun 2013 15:46:40 +0000
Received: from xhc-rcd-x05.cisco.com (xhc-rcd-x05.cisco.com [173.37.183.79]) by rcdn-core2-3.cisco.com (8.14.5/8.14.5) with ESMTP id r57FkdtN005694 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Fri, 7 Jun 2013 15:46:39 GMT
Received: from xmb-aln-x11.cisco.com ([169.254.6.24]) by xhc-rcd-x05.cisco.com ([173.37.183.79]) with mapi id 14.02.0318.004; Fri, 7 Jun 2013 10:46:39 -0500
From: "Matt Miller (mamille2)" <mamille2@cisco.com>
To: Nico Williams <nico@cryptonector.com>
Thread-Topic: [Json] The names within an object SHOULD be unique.
Thread-Index: AQHOYhtyBSnxVkBEbkeV6bO5MJr11ZkpmAIAgAADZgCAAAG6gIABHt0A
Date: Fri, 07 Jun 2013 15:46:38 +0000
Message-ID: <BF7E36B9C495A6468E8EC573603ED9411527FA59@xmb-aln-x11.cisco.com>
References: <51AF8479.5080002@crockford.com> <CAK3OfOgtYoPRZ-Gj5G8AnNipDyxYs=6_KD=rQTxKbhDPX6FZNA@mail.gmail.com> <BF7E36B9C495A6468E8EC573603ED9411527EF7B@xmb-aln-x11.cisco.com> <CAK3OfOhFpzWzdzdQ99O--daKUd4nSVRDWVU8EoyQou-S+CYn+A@mail.gmail.com>
In-Reply-To: <CAK3OfOhFpzWzdzdQ99O--daKUd4nSVRDWVU8EoyQou-S+CYn+A@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-originating-ip: [10.129.24.59]
Content-Type: multipart/signed; boundary="Apple-Mail=_8A82AC51-F74F-4F32-A4DE-AC4A50EAA997"; protocol="application/pkcs7-signature"; micalg="sha1"
MIME-Version: 1.0
Cc: Douglas Crockford <douglas@crockford.com>, "json@ietf.org" <json@ietf.org>
Subject: Re: [Json] The names within an object SHOULD be unique.
X-BeenThere: json@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "JavaScript Object Notation \(JSON\) WG mailing list" <json.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/json>, <mailto:json-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/json>
List-Post: <mailto:json@ietf.org>
List-Help: <mailto:json-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/json>, <mailto:json-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 07 Jun 2013 15:46:49 -0000

Nico, would you clarify your proposal to indicate place or places in 4627bis-02 your text replace or append to?

With regards to parsers types elsewhere in this, while I also think there might only be two, Paul does raise an interesting point about keeping the extra terms to a minimum.  I think we can further refine the language as long as we're clear where and how this proposal fits.


- m&m

Matt Miller < mamille2@cisco.com >
Cisco Systems, Inc.

On Jun 6, 2013, at 4:39 PM, Nico Williams <nico@cryptonector.com> wrote:

> On Thu, Jun 6, 2013 at 5:33 PM, Matt Miller (mamille2)
> <mamille2@cisco.com> wrote:
>> On Jun 6, 2013, at 4:21 PM, Nico Williams <nico@cryptonector.com>
>> wrote:
>>> [...]
>> 
>> Note that so far, the document uses the term "name", not "key".  I think the following needs to substitute "key" with "name" to be consistent.
> 
> Ah, sure.
> 
>>>  Encoders SHOULD NOT send duplicate keys.  Some encoders might not
>>> be able to prevent duplicate keys.  Therefore parsers MUST be prepared
>>> to handle duplicate keys.
>>> 
>>>  Stateful parsers MUST accept [use?] only the last of any set of
>>> duplicate keys.
>>> 
>> 
>> I think this still needs to allow for stateful parsers that reject duplicate keys (for which there are some).
> 
> That's fair.
> 
>> Maybe:
>> 
>> ####
>> 
>> Stateful parsers MAY reject duplicate names. However, if duplicate names are accepted, it MUST accept only the last value of any set of duplicate names.
> 
> Sure.  I think we should define terms like "stateful parser" and
> "streaming parser".
> 
>> ####
>> 
>>>  Some parsers might not be able to detect duplicate keys, much less
>>> pick only the last of them.  Here a "stateful parser" is one that
>>> keeps on hand all of the values it decodes, as it decodes them.  Note
>>> that accepting duplicate keys presents potential security risks.  Note
>>> that sending duplicate keys risks data loss (that is, the loss of all
>>> but the last of a duplicated key's values).
>>> 
>> 
>> Can we describe a couple of specific security risks that are incurred?  I think one would be something like overwriting of the original value by an attacker intercepting the exchange.
> 
> I'm not concerned about MITMs and such.  I'm concerned about attacks
> where we have a validator of some sorts as a filter and then a final
> consumer.  The sender might send JSON that the validator accepts as
> valid, that will be passed on to the final consumer, and where the
> consumer will receive a different document (from it's p.o.v.) than the
> validator saw.
> 
> Nico
> --
> _______________________________________________
> json mailing list
> json@ietf.org
> https://www.ietf.org/mailman/listinfo/json

v2.23.0 | Report a Bug | By Email