IETF Logo Mail Archive

Re: [Json] Counterproposal on work items

Mike Jones <Michael.Jones@microsoft.com> Wed, 20 February 2013 18:04 UTC

Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: json@ietfa.amsl.com
Delivered-To: json@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7EF9021F88CF for <json@ietfa.amsl.com>; Wed, 20 Feb 2013 10:04:35 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.585
X-Spam-Level:
X-Spam-Status: No, score=-2.585 tagged_above=-999 required=5 tests=[AWL=0.014, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id k+fwPS-MfxDH for <json@ietfa.amsl.com>; Wed, 20 Feb 2013 10:04:35 -0800 (PST)
Received: from na01-bl2-obe.outbound.protection.outlook.com (na01-bl2-obe.ptr.protection.outlook.com [65.55.169.28]) by ietfa.amsl.com (Postfix) with ESMTP id 9D4E821F88A0 for <json@ietf.org>; Wed, 20 Feb 2013 10:04:34 -0800 (PST)
Received: from BY2FFO11FD007.protection.gbl (10.1.15.202) by BY2FFO11HUB028.protection.gbl (10.1.14.139) with Microsoft SMTP Server (TLS) id 15.0.620.12; Wed, 20 Feb 2013 18:04:31 +0000
Received: from TK5EX14HUBC101.redmond.corp.microsoft.com (131.107.125.37) by BY2FFO11FD007.mail.protection.outlook.com (10.1.14.128) with Microsoft SMTP Server (TLS) id 15.0.620.12 via Frontend Transport; Wed, 20 Feb 2013 18:04:31 +0000
Received: from TK5EX14MBXC284.redmond.corp.microsoft.com ([169.254.1.96]) by TK5EX14HUBC101.redmond.corp.microsoft.com ([157.54.7.153]) with mapi id 14.02.0318.003; Wed, 20 Feb 2013 18:03:58 +0000
From: Mike Jones <Michael.Jones@microsoft.com>
To: "Matt Miller (mamille2)" <mamille2@cisco.com>, "json@ietf.org" <json@ietf.org>
Thread-Topic: [Json] Counterproposal on work items
Thread-Index: AQHOD4+SPseM1SMZE0mkChl5mvoWOpiDAwWAgAABZYCAAASqUA==
Date: Wed, 20 Feb 2013 18:03:58 +0000
Message-ID: <4E1F6AAD24975D4BA5B16804296739436747B21A@TK5EX14MBXC284.redmond.corp.microsoft.com>
References: <CAHBU6ityBeA+M-PEme09gO_jVySr33-X308i1UttxrQwSgYmGQ@mail.gmail.com> <0F513426-F26D-48F4-A7A8-88F3D3DA881B@vpnc.org> <BF7E36B9C495A6468E8EC573603ED941151407B6@xmb-aln-x11.cisco.com>
In-Reply-To: <BF7E36B9C495A6468E8EC573603ED941151407B6@xmb-aln-x11.cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [157.54.51.33]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Forefront-Antispam-Report: CIP:131.107.125.37; CTRY:US; IPV:CAL; IPV:NLI; EFV:NLI; SFV:NSPM; SFS:(199002)(189002)(24454001)(13464002)(377454001)(51704002)(31966008)(5343655001)(54356001)(51856001)(23726001)(16406001)(79102001)(77982001)(56816002)(66066001)(59766001)(80022001)(5343635001)(33656001)(47976001)(561944001)(50986001)(49866001)(47736001)(65816001)(55846006)(50466001)(46406002)(20776003)(74662001)(53806001)(4396001)(46102001)(44976002)(54316002)(74502001)(47776003)(76482001)(56776001)(47446002)(63696002)(15202345001); DIR:OUT; SFP:; SCL:1; SRVR:BY2FFO11HUB028; H:TK5EX14HUBC101.redmond.corp.microsoft.com; RD:InfoDomainNonexistent; A:1; MX:1; LANG:en;
X-OriginatorOrg: microsoft.onmicrosoft.com
X-Forefront-PRVS: 07630F72AD
Subject: Re: [Json] Counterproposal on work items
X-BeenThere: json@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Discussion related to JavaScript Object Notation \(JSON\)." <json.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/json>, <mailto:json-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/json>
List-Post: <mailto:json@ietf.org>
List-Help: <mailto:json-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/json>, <mailto:json-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 Feb 2013 18:04:35 -0000

The "SHOULD" versus "MUST" caused the JOSE specs to have to include this language in http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-08#section-4:

   The Header Parameter Names within this object MUST be unique;
   JWSs with duplicate Header Parameter Names MUST be rejected.

Whereas, if we were referencing a RFC4627bis with the MUST, this language could be softened to be a caution about older JSON parsers, and probably moved to the Security Considerations section.

				-- Mike

-----Original Message-----
From: json-bounces@ietf.org [mailto:json-bounces@ietf.org] On Behalf Of Matt Miller (mamille2)
Sent: Wednesday, February 20, 2013 9:43 AM
To: json@ietf.org
Subject: Re: [Json] Counterproposal on work items


On Feb 20, 2013, at 10:38 AM, Paul Hoffman <paul.hoffman@vpnc.org> wrote:

> On Feb 20, 2013, at 9:27 AM, Tim Bray <tbray@textuality.com> wrote:
> 
>> My proposal is: do nothing.
>> 
>> I use JSON for protocol design and work all the time, and have not observed any interop problems in the wild which originate at the JSON parson or construction level.  I give the incoming text to the library and it Just Works or reliably reports a syntax botch.  I give my data structures to the JSON serializer and cheerfully send off whatever comes out. I read specs and build clients and servers and, when things break, it's because I'm stupidly using a bogus name or value in some field, not because of the serialization.
>> 
>> I suggest that there is not a problem here that needs the investment of precious IETF time.
> 
> -1.
> 
> There are places where RFC 4627 has SHOULDs where some processors do one thing and others do something different. That should be cleaned up in a standards-track RFC, and it should be done with lots of JSON developers and users having a discussion that comes to rough consensus.


Just to reinforce Paul's point; while things seem to more-or-less work out, there are serious questions occasionally asked about the appropriateness of JSON for use in security protocols given those differences.  It might seem like re-arranging the deck chairs, but that arrangement can be important for acceptance.


- m&m

Matt Miller < mamille2@cisco.com >
Cisco Systems, Inc.

_______________________________________________
json mailing list
json@ietf.org
https://www.ietf.org/mailman/listinfo/json

v2.23.0 | Report a Bug | By Email