Re: [Json] Security Considerations

Carsten Bormann <cabo@tzi.org> Thu, 06 June 2013 16:46 UTC

On Jun 6, 2013, at 17:37, Paul Hoffman <paul.hoffman@vpnc.org> wrote:

> security considerations

I might be stating the obvious here, but:

3552 Guidelines for Writing RFC Text on Security Considerations. E.
     Rescorla, B. Korver. July 2003. (Format: TXT=110393 bytes) (Also
     BCP0072) (Status: BEST CURRENT PRACTICE)

(Clearly, a large part of that doesn't apply here, but that exactly may be the most important input from that document.)

Regards, Carsten