Re: [Json] JSON for Internet messages

John Cowan <cowan@mercury.ccil.org> Wed, 03 July 2013 20:15 UTC

Return-Path: <cowan@ccil.org>
X-Original-To: json@ietfa.amsl.com
Delivered-To: json@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D813F21F9AF1 for <json@ietfa.amsl.com>; Wed, 3 Jul 2013 13:15:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.578
X-Spam-Level:
X-Spam-Status: No, score=-3.578 tagged_above=-999 required=5 tests=[AWL=0.021, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id b4HGxZLuMOgj for <json@ietfa.amsl.com>; Wed, 3 Jul 2013 13:15:24 -0700 (PDT)
Received: from earth.ccil.org (earth.ccil.org [192.190.237.11]) by ietfa.amsl.com (Postfix) with ESMTP id 6D83621F9A87 for <json@ietf.org>; Wed, 3 Jul 2013 13:15:24 -0700 (PDT)
Received: from cowan by earth.ccil.org with local (Exim 4.72) (envelope-from <cowan@ccil.org>) id 1UuTSU-0006vG-Tq; Wed, 03 Jul 2013 16:15:23 -0400
Date: Wed, 3 Jul 2013 16:15:22 -0400
From: John Cowan <cowan@mercury.ccil.org>
To: Tatu Saloranta <tsaloranta@gmail.com>
Message-ID: <20130703201522.GM32044@mercury.ccil.org>
References: <CAHBU6it55C5vCNLBki1LvjpWd4fANY8LdC4fzxj3a2G_+q=qSA@mail.gmail.com> <CAGrxA27wLfhLXBUF6cuuFbCEJ6yJYBtG8puiHXxNcoT3xem2zQ@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <CAGrxA27wLfhLXBUF6cuuFbCEJ6yJYBtG8puiHXxNcoT3xem2zQ@mail.gmail.com>
User-Agent: Mutt/1.5.20 (2009-06-14)
Sender: John Cowan <cowan@ccil.org>
Cc: Tim Bray <tbray@textuality.com>, "json@ietf.org" <json@ietf.org>
Subject: Re: [Json] JSON for Internet messages
X-BeenThere: json@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "JavaScript Object Notation \(JSON\) WG mailing list" <json.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/json>, <mailto:json-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/json>
List-Post: <mailto:json@ietf.org>
List-Help: <mailto:json-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/json>, <mailto:json-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 03 Jul 2013 20:15:29 -0000

Tatu Saloranta scripsit:

> It has never been a problem for me, nor has there been user requests beyond
> schema (and schema validator) implementors who care more. But it is
> possible that perhaps this has been a significant problem for others.

The trouble is that with sufficiently bad implementations, or chains
of implementations, such permissiveness can lead to a security breach,
and security being a Yang Worship Word these days, everyone cowers in
fear which such things are mentioned.  My most recent use case for
JSON (to represent the MicroXML data model) doesn't even require parsing it,
but I never suppose that for that reason JSON might as well be limited
to nothing but arrays in which the first element is always a string and
the second element is always an object with string values.

-- 
John Cowan  <cowan@ccil.org>  http://ccil.org/~cowan
Micropayment advocates mistakenly believe that efficient allocation of
resources is the purpose of markets.  Efficiency is a byproduct of market
systems, not their goal.  The reasons markets work are not because users
have embraced efficiency but because markets are the best place to allow
users to maximize their preferences, and very often their preferences are
not for conservation of cheap resources.  --Clay Shirky