IETF Logo Mail Archive

Re: [Json] Kicking Off JSONbis

Anders Rundgren <anders.rundgren.net@gmail.com> Tue, 10 November 2015 16:20 UTC

Return-Path: <anders.rundgren.net@gmail.com>
X-Original-To: json@ietfa.amsl.com
Delivered-To: json@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C80431B2EC4 for <json@ietfa.amsl.com>; Tue, 10 Nov 2015 08:20:18 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.7
X-Spam-Level:
X-Spam-Status: No, score=-1.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, MIME_8BIT_HEADER=0.3, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QA5nE5LXb0dI for <json@ietfa.amsl.com>; Tue, 10 Nov 2015 08:20:17 -0800 (PST)
Received: from mail-wm0-x235.google.com (mail-wm0-x235.google.com [IPv6:2a00:1450:400c:c09::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B7B2D1B3A28 for <json@ietf.org>; Tue, 10 Nov 2015 08:19:22 -0800 (PST)
Received: by wmec201 with SMTP id c201so141770455wme.0 for <json@ietf.org>; Tue, 10 Nov 2015 08:19:21 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=subject:to:references:cc:from:message-id:date:user-agent :mime-version:in-reply-to:content-type:content-transfer-encoding; bh=tNWqNE2WMsyTZwHkyH2av1Lj/9uQQ7QVTOWdorwTCzU=; b=qygMoRoYgcH1D1A5amQ2FagQREC7gLqRsxhyld/8Kv73xjFNM9zfR1Ljegzxky3t9j DbOR6asPGGdl377m7P0F5FfeRTnZfaTE5NnNUhT7cuVTato2+QH6dnHLsVIwxkiZ/1eq XPfm01fPxx5GSaIpPg5f2Mv85wTsWSh6odD0YqGtW90EHx7XRK8EXiI8CK1mTiP5d0Xd SiQzcXiZl80P5d2vioM/xvLJjC8wnT1pLIa67QSbxR3m0dyhnSphC/oUURRt4G0Y1TO/ K4+CreS7sGJ1GirJm9HX5S3csQKtetktd9l58AauMHZw2iTfMGn+LVPUldEhOjm1M1fj C2Xg==
X-Received: by 10.194.243.102 with SMTP id wx6mr4993807wjc.68.1447172361345; Tue, 10 Nov 2015 08:19:21 -0800 (PST)
Received: from [192.168.1.79] (148.198.130.77.rev.sfr.net. [77.130.198.148]) by smtp.googlemail.com with ESMTPSA id h4sm4257715wjx.41.2015.11.10.08.19.19 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 10 Nov 2015 08:19:20 -0800 (PST)
To: "Joe Hildebrand (jhildebr)" <jhildebr@cisco.com>, "Martin J. Dürst" <duerst@it.aoyama.ac.jp>, Carsten Bormann <cabo@tzi.org>
References: <DB74C466-D542-42D6-95B0-690A564435A9@cisco.com> <CAC4RtVD3cKThDTr_eS-QCUhKqZkMS0y+nPS5HxCk3f1RQ7VyJQ@mail.gmail.com> <CAHBU6iv_w_O95Nq-bU1z2GOKgouuGrMbZP4Uwio25pPtFCc3UQ@mail.gmail.com> <CALaySJ+==5_mstrgHEd7bUGzSo85Er9VR_zEaJ+gh-O+zSpK=w@mail.gmail.com> <88A80A45-E673-4D0A-995B-3872874C23AE@cisco.com> <CALaySJJ01gEoHqZ4ehVHzv8mqD1CXKV3Ave3yQPrgrAGe4yckg@mail.gmail.com> <CAHBU6iuxBvn3ug9LwcK9gvrQDLr1uz=3NCrcrZaejF2iUwiLVA@mail.gmail.com> <CAChr6SzuxZrCJ+Gfc9LkKX88SetAOTp3GpxpxVF1CmmT3j5MoQ@mail.gmail.com> <56241BFE.5080609@tzi.org> <2DB105A8-AB80-4386-915D-D9AD1FBF77AD@cisco.com> <56342E23.6000509@tzi.org> <563B15AD.3070309@it.aoyama.ac.jp> <563B17FF.5050002@gmail.com> <FF6B7829-0FA5-42D5-848D-B279069376C8@cisco.com>
From: Anders Rundgren <anders.rundgren.net@gmail.com>
Message-ID: <56421902.8040001@gmail.com>
Date: Tue, 10 Nov 2015 17:19:14 +0100
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.3.0
MIME-Version: 1.0
In-Reply-To: <FF6B7829-0FA5-42D5-848D-B279069376C8@cisco.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/json/SWd60rIW08XYtXMb_hTD_QZhLf0>
Cc: "json@ietf.org" <json@ietf.org>
Subject: Re: [Json] Kicking Off JSONbis
X-BeenThere: json@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "JavaScript Object Notation \(JSON\) WG mailing list" <json.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/json>, <mailto:json-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/json/>
List-Post: <mailto:json@ietf.org>
List-Help: <mailto:json-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/json>, <mailto:json-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 10 Nov 2015 16:20:18 -0000

On 2015-11-09 22:20, Joe Hildebrand (jhildebr) wrote:
> On 11/5/15, 1:49 AM, "json on behalf of Anders Rundgren" <json-bounces@ietf.org on behalf of anders.rundgren.net@gmail.com> wrote:
>
>
>
>> Since EMCAScript introduces predictable property order, the reference to EMCA-404 doesn't
>> really tell the whole interoperability story.
> That predictability has nothing to do with the wire format, though.  It's specific to the ECMAscript serializer and does not affect the semantics of the generated document.  It's not even terribly useful for canonicalization, without going to the trouble of creating a new ES object built in the correct order, which seems error-prone.

On the creation side there is nothing special to do in an ES6 environment.  In a non-ES6 JSON toolbox, you only need to use an ordered dictionary like LinkedHashMap in Java to get things right. Well, numeric properties would need something else but that appears to be an edge-case, not worth bothering with.   For those who disagree with that, strict creation order does in no way rule out numeric property order, it only requires a bit more care by the programmer :-)

>   On the parse side, I *guess* you might want to know that there is an information signal retained by the order of properties.  That could be used as a steganographic channel, for instance.  It doesn't seem specific to ES, though.
>
> I think there maybe some other reason why ES's property order logic might be interesting to you though - can you say more, please?
>

My target application has since mid-2013 been a JSONesque counterpart to XML's enveloped signatures but without getting bogged down by complex, stand-alone canonicalizers.  The latest developments seem to verify that the most difficult part of JSON (Numbers), also are properly canonicalized by the majority (but not all) ES6 implementations.  This enables very simple and efficient "in-object" JavaScript and JSON signatures which only rely on standard JavaScript for creating and manipulating objects and the built-in JSON parse/stringify methods for parsing and serialization respectively:

https://mailarchive.ietf.org/arch/msg/jose/s5TdEtfOdQ0z3Qmtij2yXemZW-A

Anders

v2.23.0 | Report a Bug | By Email