IETF Logo Mail Archive

Re: [Json] The names within an object SHOULD be unique.

Douglas Crockford <douglas@crockford.com> Wed, 05 June 2013 19:00 UTC

Return-Path: <douglas@crockford.com>
X-Original-To: json@ietfa.amsl.com
Delivered-To: json@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5481D21F84D8 for <json@ietfa.amsl.com>; Wed, 5 Jun 2013 12:00:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KeHIO4NucA0g for <json@ietfa.amsl.com>; Wed, 5 Jun 2013 12:00:20 -0700 (PDT)
Received: from mout.perfora.net (mout.perfora.net [74.208.4.195]) by ietfa.amsl.com (Postfix) with ESMTP id C0FAE21F8168 for <json@ietf.org>; Wed, 5 Jun 2013 12:00:09 -0700 (PDT)
Received: from [192.168.114.223] ([216.113.168.135]) by mrelay.perfora.net (node=mrus1) with ESMTP (Nemesis) id 0M1m9C-1UPsNC1PtS-00u4FU; Wed, 05 Jun 2013 14:59:50 -0400
Message-ID: <51AF8A9B.1020900@crockford.com>
Date: Wed, 05 Jun 2013 11:59:39 -0700
From: Douglas Crockford <douglas@crockford.com>
User-Agent: Mozilla/5.0 (Windows NT 6.2; WOW64; rv:17.0) Gecko/20130509 Thunderbird/17.0.6
MIME-Version: 1.0
To: Tim Bray <tbray@textuality.com>
References: <51AF8479.5080002@crockford.com> <CAHBU6iuBhjYOVbqWE1ANvCtOw5QOUM0LWYJCsiX5DRrVaY=iKA@mail.gmail.com>
In-Reply-To: <CAHBU6iuBhjYOVbqWE1ANvCtOw5QOUM0LWYJCsiX5DRrVaY=iKA@mail.gmail.com>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Provags-ID: V02:K0:pRBZZwWO9bK4I7oF+yohVLCK1txjUzuNbSa/iJWDLdQ DJwj5HYoO7iuHEbzSNfHJBGW9eTmlEXSm/gTVlBFr9edQEhOFO I1jluW72vtNiz6McqDADW+HaY/vbCUbn4IQQ1NynDvoDocCRSJ Q4PoDK6pua6FjyB3IHPM0f9vZeb5apW2MeHy9np6gA/7X2p9Dj 15rXgfv5SlO/d0D0AdnG7dfVBcl+80wBP/8OwFd1DHv7YNtxOJ yYO/hVX2c7cc5j0uvj4WbO9xztP3fErqI0Y2NkEgHurQpMlD51 kkKKh6KsqXK5a0teJOWEwUZxjOB0oG1ZHlVDbwFRJSxxeiA+EE ZDMLaWRB+eTG665HjhTCx7mxFG5ciAo1np8+3DaOs
Cc: json@ietf.org
Subject: Re: [Json] The names within an object SHOULD be unique.
X-BeenThere: json@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "JavaScript Object Notation \(JSON\) WG mailing list" <json.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/json>, <mailto:json-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/json>
List-Post: <mailto:json@ietf.org>
List-Help: <mailto:json-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/json>, <mailto:json-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 05 Jun 2013 19:00:26 -0000

On 6/5/2013 11:38 AM, Tim Bray wrote:
>
> Or, leave it as is and address it in the best practices doc.
> -T
>
> On Jun 5, 2013 11:35 AM, "Douglas Crockford" <douglas@crockford.com 
> <mailto:douglas@crockford.com>> wrote:
>
>     This was the biggest blunder in the RFC. SHOULD should have been MUST.
>
>     It is, sadly, too late to repair this. Instead, we must specify
>     what happens when you do the thing you SHOULD NOT do. We need to
>     provide implementations some slack here because some
>     implementations do the right thing and reject. Some
>     implementations do the lazy thing and take that last use of the name.
>

I like that, except that I am concerned about security exploits that are 
possible if some systems keep the first use and others keep the last. 
HTTP, for example, suffered from this. So I would like to be more 
specific. An implementation SHOULD reject, but if it accepts, it MUST 
take the last use.

v2.23.0 | Report a Bug | By Email