Re: [Json] The names within an object SHOULD be unique.
Nico Williams <nico@cryptonector.com> Thu, 06 June 2013 22:47 UTC
Return-Path: <nico@cryptonector.com>
X-Original-To: json@ietfa.amsl.com
Delivered-To: json@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0359821F8528 for <json@ietfa.amsl.com>; Thu, 6 Jun 2013 15:47:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.977
X-Spam-Level:
X-Spam-Status: No, score=-1.977 tagged_above=-999 required=5 tests=[AWL=-0.000, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CiqbAOWifEML for <json@ietfa.amsl.com>; Thu, 6 Jun 2013 15:47:09 -0700 (PDT)
Received: from homiemail-a73.g.dreamhost.com (mailbigip.dreamhost.com [208.97.132.5]) by ietfa.amsl.com (Postfix) with ESMTP id 1E2A221F8618 for <json@ietf.org>; Thu, 6 Jun 2013 15:47:09 -0700 (PDT)
Received: from homiemail-a73.g.dreamhost.com (localhost [127.0.0.1]) by homiemail-a73.g.dreamhost.com (Postfix) with ESMTP id D07FF1F0081 for <json@ietf.org>; Thu, 6 Jun 2013 15:46:57 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=cryptonector.com; h= mime-version:in-reply-to:references:date:message-id:subject:from :to:cc:content-type; s=cryptonector.com; bh=3lbI8QJgZf3Zz12F1JQA KJI6DAk=; b=KP3AYEGEcQ2YPPGdMlLaZ/th02QViClL/jcAu/52+JdhEy6MqJlI hren8BwIRaRoBS4GABgl5Q/5Ge+la0/QfGJg0v0A+TWC0oGGtH0/ADzs5ID5N8hS v6J2T0GK7njlVqVEu7rhdq4tSNrLGNZBySito4TR2e06s7kfSVbuZOQ=
Received: from mail-wg0-f54.google.com (mail-wg0-f54.google.com [74.125.82.54]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: nico@cryptonector.com) by homiemail-a73.g.dreamhost.com (Postfix) with ESMTPSA id 754E01F0078 for <json@ietf.org>; Thu, 6 Jun 2013 15:46:57 -0700 (PDT)
Received: by mail-wg0-f54.google.com with SMTP id j13so2653976wgh.9 for <json@ietf.org>; Thu, 06 Jun 2013 15:46:56 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=A3EsmK/iF7AHpc9gA5s6xun57hJuD0AeWj/W/4QAPXc=; b=Ir/iXQrj8IYe+5LrZacMrSgWazTMsUFWDed0hssYSRdKdPErxe/uGgT/i/KI9VOMge HVuW4CqHdoYvENgBMWIE45J74NydytbCOJ21CfqFIIgNc5myQ1O5J9MYd45d5JMu8qai MknRQgXuQ/r9GORBV3slT5lwag9h1Ui4+zXmpzNOsmpbj0zGfaSw1Y5fVoXaB5gbwMC6 NYunqAt1KvlJJ1N2oImcd6UDNY+/clZCbyYXfgEFR61Yoscs0RYBCUijr+yFVvZywDNA C7KAmPrW4eNMrJbrdLyRfl+whJH3Vi7WH/5ZaKNA4Db5cegS/96eg/1YlOmwcRE/Kk+m mwGw==
MIME-Version: 1.0
X-Received: by 10.194.79.74 with SMTP id h10mr2433796wjx.84.1370558395911; Thu, 06 Jun 2013 15:39:55 -0700 (PDT)
Received: by 10.216.63.136 with HTTP; Thu, 6 Jun 2013 15:39:55 -0700 (PDT)
In-Reply-To: <BF7E36B9C495A6468E8EC573603ED9411527EF7B@xmb-aln-x11.cisco.com>
References: <51AF8479.5080002@crockford.com> <CAK3OfOgtYoPRZ-Gj5G8AnNipDyxYs=6_KD=rQTxKbhDPX6FZNA@mail.gmail.com> <BF7E36B9C495A6468E8EC573603ED9411527EF7B@xmb-aln-x11.cisco.com>
Date: Thu, 06 Jun 2013 17:39:55 -0500
Message-ID: <CAK3OfOhFpzWzdzdQ99O--daKUd4nSVRDWVU8EoyQou-S+CYn+A@mail.gmail.com>
From: Nico Williams <nico@cryptonector.com>
To: "Matt Miller (mamille2)" <mamille2@cisco.com>
Content-Type: text/plain; charset="UTF-8"
Cc: Douglas Crockford <douglas@crockford.com>, "json@ietf.org" <json@ietf.org>
Subject: Re: [Json] The names within an object SHOULD be unique.
X-BeenThere: json@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "JavaScript Object Notation \(JSON\) WG mailing list" <json.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/json>, <mailto:json-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/json>
List-Post: <mailto:json@ietf.org>
List-Help: <mailto:json-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/json>, <mailto:json-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 06 Jun 2013 22:47:14 -0000
On Thu, Jun 6, 2013 at 5:33 PM, Matt Miller (mamille2) <mamille2@cisco.com> wrote: > On Jun 6, 2013, at 4:21 PM, Nico Williams <nico@cryptonector.com> > wrote: >> [...] > > Note that so far, the document uses the term "name", not "key". I think the following needs to substitute "key" with "name" to be consistent. Ah, sure. >> Encoders SHOULD NOT send duplicate keys. Some encoders might not >> be able to prevent duplicate keys. Therefore parsers MUST be prepared >> to handle duplicate keys. >> >> Stateful parsers MUST accept [use?] only the last of any set of >> duplicate keys. >> > > I think this still needs to allow for stateful parsers that reject duplicate keys (for which there are some). That's fair. > Maybe: > > #### > > Stateful parsers MAY reject duplicate names. However, if duplicate names are accepted, it MUST accept only the last value of any set of duplicate names. Sure. I think we should define terms like "stateful parser" and "streaming parser". > #### > >> Some parsers might not be able to detect duplicate keys, much less >> pick only the last of them. Here a "stateful parser" is one that >> keeps on hand all of the values it decodes, as it decodes them. Note >> that accepting duplicate keys presents potential security risks. Note >> that sending duplicate keys risks data loss (that is, the loss of all >> but the last of a duplicated key's values). >> > > Can we describe a couple of specific security risks that are incurred? I think one would be something like overwriting of the original value by an attacker intercepting the exchange. I'm not concerned about MITMs and such. I'm concerned about attacks where we have a validator of some sorts as a filter and then a final consumer. The sender might send JSON that the validator accepts as valid, that will be passed on to the final consumer, and where the consumer will receive a different document (from it's p.o.v.) than the validator saw. Nico --
- Re: [Json] The names within an object SHOULD be u… Eliot Lear
- Re: [Json] The names within an object SHOULD be u… Tim Bray
- [Json] The names within an object SHOULD be uniqu… Douglas Crockford
- Re: [Json] The names within an object SHOULD be u… Douglas Crockford
- Re: [Json] The names within an object SHOULD be u… John Cowan
- Re: [Json] The names within an object SHOULD be u… Markus Lanthaler
- Re: [Json] The names within an object SHOULD be u… Stephan Beal
- Re: [Json] The names within an object SHOULD be u… Nico Williams
- Re: [Json] The names within an object SHOULD be u… Markus Lanthaler
- Re: [Json] The names within an object SHOULD be u… Vinny A
- Re: [Json] The names within an object SHOULD be u… Stephan Beal
- Re: [Json] The names within an object SHOULD be u… Douglas Crockford
- Re: [Json] The names within an object SHOULD be u… Vinny A
- Re: [Json] The names within an object SHOULD be u… Vinny A
- Re: [Json] The names within an object SHOULD be u… Nico Williams
- Re: [Json] The names within an object SHOULD be u… Nico Williams
- Re: [Json] The names within an object SHOULD be u… Douglas Crockford
- Re: [Json] The names within an object SHOULD be u… Joe Hildebrand (jhildebr)
- Re: [Json] The names within an object SHOULD be u… Tim Bray
- Re: [Json] The names within an object SHOULD be u… Matthew Morley
- Re: [Json] The names within an object SHOULD be u… Tatu Saloranta
- Re: [Json] The names within an object SHOULD be u… Joe Hildebrand (jhildebr)
- Re: [Json] The names within an object SHOULD be u… Stefan Drees
- Re: [Json] The names within an object SHOULD be u… Joe Hildebrand (jhildebr)
- Re: [Json] The names within an object SHOULD be u… Bjoern Hoehrmann
- Re: [Json] The names within an object SHOULD be u… Douglas Crockford
- Re: [Json] The names within an object SHOULD be u… Tony Hansen
- Re: [Json] The names within an object SHOULD be u… Stephan Beal
- Re: [Json] The names within an object SHOULD be u… Paul Hoffman
- Re: [Json] The names within an object SHOULD be u… Stephan Beal
- Re: [Json] The names within an object SHOULD be u… Vinny A
- Re: [Json] The names within an object SHOULD be u… Matthew Morley
- Re: [Json] The names within an object SHOULD be u… Markus Lanthaler
- Re: [Json] The names within an object SHOULD be u… Paul Hoffman
- Re: [Json] The names within an object SHOULD be u… Tatu Saloranta
- Re: [Json] The names within an object SHOULD be u… Tatu Saloranta
- Re: [Json] The names within an object SHOULD be u… Pete Cordell
- Re: [Json] The names within an object SHOULD be u… Nico Williams
- Re: [Json] The names within an object SHOULD be u… Matt Miller (mamille2)
- Re: [Json] The names within an object SHOULD be u… John Cowan
- Re: [Json] The names within an object SHOULD be u… Nico Williams
- Re: [Json] The names within an object SHOULD be u… Nico Williams
- Re: [Json] The names within an object SHOULD be u… Paul Hoffman
- Re: [Json] The names within an object SHOULD be u… Nico Williams
- Re: [Json] The names within an object SHOULD be u… Markus Lanthaler
- Re: [Json] The names within an object SHOULD be u… Tatu Saloranta
- Re: [Json] The names within an object SHOULD be u… Tatu Saloranta
- Re: [Json] The names within an object SHOULD be u… John Cowan
- Re: [Json] The names within an object SHOULD be u… Nico Williams
- Re: [Json] The names within an object SHOULD be u… R S
- Re: [Json] The names within an object SHOULD be u… Tim Bray
- Re: [Json] The names within an object SHOULD be u… Vinny A
- Re: [Json] The names within an object SHOULD be u… Markus Lanthaler
- Re: [Json] The names within an object SHOULD be u… Stefan Drees
- Re: [Json] The names within an object SHOULD be u… Vinny A
- Re: [Json] The names within an object SHOULD be u… Stefan Drees
- Re: [Json] The names within an object SHOULD be u… Vinny A
- Re: [Json] The names within an object SHOULD be u… Stephen Dolan
- Re: [Json] The names within an object SHOULD be u… Stefan Drees
- Re: [Json] The names within an object SHOULD be u… Paul Hoffman
- Re: [Json] The names within an object SHOULD be u… Matt Miller (mamille2)
- Re: [Json] The names within an object SHOULD be u… Allen Wirfs-Brock
- Re: [Json] The names within an object SHOULD be u… Allen Wirfs-Brock
- Re: [Json] The names within an object SHOULD be u… Douglas Crockford
- Re: [Json] The names within an object SHOULD be u… Nico Williams
- Re: [Json] The names within an object SHOULD be u… Allen Wirfs-Brock
- Re: [Json] The names within an object SHOULD be u… Douglas Crockford
- Re: [Json] The names within an object SHOULD be u… Jacob Davies
- Re: [Json] The names within an object SHOULD be u… Tim Bray
- Re: [Json] The names within an object SHOULD be u… Vinny A
- Re: [Json] The names within an object SHOULD be u… Allen Wirfs-Brock
- Re: [Json] The names within an object SHOULD be u… Nico Williams
- Re: [Json] The names within an object SHOULD be u… John Cowan
- Re: [Json] The names within an object SHOULD be u… R S
- Re: [Json] The names within an object SHOULD be u… Stephen Dolan
- Re: [Json] The names within an object SHOULD be u… Stefan Drees
- Re: [Json] The names within an object SHOULD be u… Nico Williams
- Re: [Json] The names within an object SHOULD be u… Stefan Drees
- Re: [Json] The names within an object SHOULD be u… Nico Williams
- Re: [Json] The names within an object SHOULD be u… Dean Landolt
- Re: [Json] The names within an object SHOULD be u… John Cowan
- Re: [Json] The names within an object SHOULD be u… Marcos Caceres
- Re: [Json] The names within an object SHOULD be u… Stephen Dolan
- Re: [Json] The names within an object SHOULD be u… Paul Hoffman
- Re: [Json] The names within an object SHOULD be u… Stephen Dolan
- Re: [Json] The names within an object SHOULD be u… Nico Williams
- Re: [Json] The names within an object SHOULD be u… John Cowan
- Re: [Json] The names within an object SHOULD be u… Stefan Drees
- Re: [Json] The names within an object SHOULD be u… Nico Williams
- Re: [Json] The names within an object SHOULD be u… Stephan Beal
- Re: [Json] The names within an object SHOULD be u… John Levine
- Re: [Json] The names within an object SHOULD be u… Stephen Dolan
- Re: [Json] The names within an object SHOULD be u… Jorge Chamorro
- Re: [Json] The names within an object SHOULD be u… John Cowan
- Re: [Json] The names within an object SHOULD be u… Jorge Chamorro
- Re: [Json] The names within an object SHOULD be u… John Cowan
- Re: [Json] The names within an object SHOULD be u… Jorge Chamorro
- Re: [Json] The names within an object SHOULD be u… Joe Hildebrand (jhildebr)
- Re: [Json] The names within an object SHOULD be u… John Cowan
- Re: [Json] fun with streaming, was The names with… John Levine
- Re: [Json] fun with streaming, was The names with… Tim Bray
- Re: [Json] fun with streaming, was The names with… Nico Williams
- Re: [Json] fun with streaming, was The names with… Stephan Beal
- Re: [Json] fun with streaming, was The names with… Tatu Saloranta
- Re: [Json] The names within an object SHOULD be u… Jorge Chamorro
- Re: [Json] The names within an object SHOULD be u… Tatu Saloranta
- Re: [Json] fun with streaming, was The names with… Jorge Chamorro
- Re: [Json] fun with streaming, was The names with… John R Levine
- Re: [Json] fun with streaming, was The names with… Vinny A
- Re: [Json] fun with streaming, was The names with… Joe Hildebrand (jhildebr)
- Re: [Json] fun with streaming, was The names with… Tatu Saloranta