Re: [Json] secdir review of draft-ietf-jsonbis-rfc7159bis-03

Julian Reschke <julian.reschke@gmx.de> Sat, 11 March 2017 06:12 UTC

Return-Path: <julian.reschke@gmx.de>
X-Original-To: json@ietfa.amsl.com
Delivered-To: json@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 60964129469; Fri, 10 Mar 2017 22:12:53 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rnqyjii5-GiD; Fri, 10 Mar 2017 22:12:52 -0800 (PST)
Received: from mout.gmx.net (mout.gmx.net [212.227.17.20]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 065CD128BA2; Fri, 10 Mar 2017 22:12:51 -0800 (PST)
Received: from [192.168.178.20] ([93.217.121.40]) by mail.gmx.com (mrgmx103 [212.227.17.168]) with ESMTPSA (Nemesis) id 0LhNwC-1cQSw22LQW-00maWB; Sat, 11 Mar 2017 07:12:46 +0100
To: John Cowan <cowan@ccil.org>, Benjamin Kaduk <kaduk@mit.edu>
References: <20170308014823.GF30306@kduck.kaduk.org> <382aa5c8-c977-b24d-4d19-251257833b00@gmx.de> <456b4234-0d94-1033-507c-710878bb5159@gmx.de> <20170309055348.GL30306@kduck.kaduk.org> <CAD2gp_TOxcZJxwPoMhq-xp6M+Yq+tQnMUv81YNFp-ydRMpH=5w@mail.gmail.com>
From: Julian Reschke <julian.reschke@gmx.de>
Message-ID: <bed0e331-f5fb-f24d-6207-f5a36ec9e7be@gmx.de>
Date: Sat, 11 Mar 2017 07:12:45 +0100
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0
MIME-Version: 1.0
In-Reply-To: <CAD2gp_TOxcZJxwPoMhq-xp6M+Yq+tQnMUv81YNFp-ydRMpH=5w@mail.gmail.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
X-Provags-ID: V03:K0:LCf1AaG3eRDHEgm3RLe10joYTBzTE+NJvIdrjH8yV4V+orhcr+k BhzWYehxmeNAzrC4qfYOiu1WDRVldvGFCKvMf2NuUZMz28aYJ1E/4W1SFUOEdLQsgW4qIkF tzCy6LzoWLe9wXy4TEQOjHTKu1MqS1U6etzGLjI25S8lAVPOCMHgCWUMUnQgIeA+F9exGIW UEvzgwtXFWTfeWd24so0Q==
X-UI-Out-Filterresults: notjunk:1;V01:K0:japFPxPXC5Q=:N+IIWiOcKYz/pHLBgRumPI 6qVqJqSP5KVQIw7VeyNZIn+ZE1QXz4GDRT86zqMl9dsv/WBoYlFfvhUiOEMTGzIj4ST31HEFB LYrSlt4x939UQuKFHlGbdmmYzgUMQQRvmeqh966bEX0Pooq7bXB2rzzmTd6x/KmMro07V6NQJ xNAkaGbMQWOVuqLpEFHJIPj8VDezsryKVQ2Yf7+bARo/l1ehz7G5lbZBjo/LKdY3CCB9GDKt3 wFanGcqyvLUYpcc0Whqc73t058dvQMcq8OnM/tbxrL0LzOeQyJG2j2Zgt/HykkT5kTxFku0Sf vPDM6vcoGvskLn2IxNQoscQJ5IkdXccq2SUkUzn9DZUGRu88lwuui45j7dnKVfrbDgHU47hoq WEB6qE0AeDFr7+nMI7q3csnEcZVeyl7Iq+dKLeOzyO7W25C7HAWAJFaIMsHT23w6DuaneBzDa OyYrTwcgNqV354e1W0g1sv652QoJ2cqJgKRu+3UrbEKaUvL6ue3uHpntbPRuPyIgmNXF6ZJCD Qk0gMqHoVcoC8mv/tpp59a8wSn9gx2UcDKFDWJEkVKAMMjgolIUS6SSX+OT6JJOTt865mpIDU gcGTtnHDRq17MFVHDFxb/uqgz0sdTNYonmzRC0PjEy455eBmWVJDqPbZTMX5aG63AOt/sBC/t 1ED23UfR9XkEOmMlY4GXqCd/uENPk3EuhBWoX83Q7tM6xZCBuxJiTqCIsEzx1B1gjS9WWWX8a ZQyWNbTrQ35BGmsCP6zsH+gQ0rQszCTH3B8GYlwEdQQwmSYb+/0QqMgROXYJuK7PZYVBfMxDb vbPWOPq
Archived-At: <https://mailarchive.ietf.org/arch/msg/json/dIJO50xJ5MvN2S3uAo_hJ5HPBY4>
Cc: draft-ietf-jsonbis-rfc7159bis.all@ietf.org, secdir@ietf.org, ietf@ietf.org, "json@ietf.org" <json@ietf.org>
Subject: Re: [Json] secdir review of draft-ietf-jsonbis-rfc7159bis-03
X-BeenThere: json@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "JavaScript Object Notation \(JSON\) WG mailing list" <json.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/json>, <mailto:json-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/json/>
List-Post: <mailto:json@ietf.org>
List-Help: <mailto:json-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/json>, <mailto:json-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 11 Mar 2017 06:12:53 -0000

On 2017-03-11 03:08, John Cowan wrote:
>
> On Thu, Mar 9, 2017 at 12:53 AM, Benjamin Kaduk <kaduk@mit.edu
> <mailto:kaduk@mit.edu>> wrote:
>
>     If that's what's supposed to happen, it should probably be more
>     clear, yes.  (But aren't there texts that have valid interpretations
>     in multiple encodings?)
>
>
> Not if the content is well-formed JSON and the only possible encodings
> are UTF-8, UTF-16, and UTF-32.  It suffices to examine the first four
> bytes of the input.  If there are no NUL bytes in the first four bytes,
> it is UTF-8; if there are two NUL bytes, it is UTF-16; if there are
> three NUL bytes, it is UTF-32.  This works because the grammar requires
> the first character to be in the ASCII repertoire, and the NUL
> *character* (U+0000) is not allowed at all.

Good explanation. Maybe the spec should include it.

Best regards, Julian