[Json] Secure JSON Procedure Call
Phillip Hallam-Baker <phill@hallambaker.com> Wed, 02 September 2015 20:08 UTC
Return-Path: <hallam@gmail.com>
X-Original-To: json@ietfa.amsl.com
Delivered-To: json@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 204431B345F for <json@ietfa.amsl.com>; Wed, 2 Sep 2015 13:08:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.622
X-Spam-Level:
X-Spam-Status: No, score=0.622 tagged_above=-999 required=5 tests=[BAYES_20=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FM_FORGED_GMAIL=0.622, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CZuSUKNpgrIa for <json@ietfa.amsl.com>; Wed, 2 Sep 2015 13:08:10 -0700 (PDT)
Received: from mail-lb0-x232.google.com (mail-lb0-x232.google.com [IPv6:2a00:1450:4010:c04::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E7A071B337F for <json@ietf.org>; Wed, 2 Sep 2015 13:08:09 -0700 (PDT)
Received: by lbcjc2 with SMTP id jc2so12801652lbc.0 for <json@ietf.org>; Wed, 02 Sep 2015 13:08:08 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:date:message-id:subject:from:to:content-type; bh=/M7fpuIK8p+Th4I5/g7RFd3tpdaETos/gTnMRm7V9qc=; b=xr6tPCF68Nq6KkFnOiukpMt5Gq/zrTms6PB7i3TM4mLrd3GzsGh7SwN94kbw3l8lTg poPZ5PpgAELWbVjL9BP5nh8tcwo+b9v3VETc/Qcf7Ix42SaKy2SjpIltQ1ZIIbBeImLx 7qHkuW0JP9tNsqvORV6tPL6cY3G8AscsFYh0C8ig0QMR5v4U79f/RQQY0Rj8Xzzq9gGw NwXW0IvVEy09Pe9y5McJuEU/uHESlbBhBHud20MvVS51WONhbJV0TMcrViO2YyA1M6Ef QPNJGo8GHeGntvAz2EPUooEln1gzpahUwaSbFcYG8+JSmHgLFlgA5y2laIeVVJhOPg1P XNfA==
MIME-Version: 1.0
X-Received: by 10.112.160.98 with SMTP id xj2mr17913214lbb.124.1441224488075; Wed, 02 Sep 2015 13:08:08 -0700 (PDT)
Sender: hallam@gmail.com
Received: by 10.112.203.163 with HTTP; Wed, 2 Sep 2015 13:08:08 -0700 (PDT)
Date: Wed, 02 Sep 2015 16:08:08 -0400
X-Google-Sender-Auth: sJ3sFK4DxKfptRERUi0jCf-H3Nk
Message-ID: <CAMm+Lwh8-F0mwKJNYGHmwQP9Dw+7F4DsedveQy38T1G=k6QiWw@mail.gmail.com>
From: Phillip Hallam-Baker <phill@hallambaker.com>
To: JSON WG <json@ietf.org>
Content-Type: multipart/alternative; boundary="001a11c3421ca749cf051ec939a5"
Archived-At: <http://mailarchive.ietf.org/arch/msg/json/kCAn-cLn0PcKLLaXOfDtW6dTErE>
Subject: [Json] Secure JSON Procedure Call
X-BeenThere: json@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "JavaScript Object Notation \(JSON\) WG mailing list" <json.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/json>, <mailto:json-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/json/>
List-Post: <mailto:json@ietf.org>
List-Help: <mailto:json-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/json>, <mailto:json-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 02 Sep 2015 20:08:12 -0000
Looking to see if there is interest in specifying a standard approach to writing a secure RPC call mechanism using JSON as the encoding. The key here is 'secure'. Every message must be authenticated and validated in a consistent fashion. The idea being that at a certain layer of abstraction, every protocol can be reduced to a caller API and a symmetric dispatch class. So for the mesh service I am just writing, I have a class: /// <summary> /// The new base class for the client and service side APIs. /// </summary> public abstract partial class MeshService : Goedel.Protocol.JPCService { /// <summary> /// The caller session context. /// </summary> public JPCSession Session; /// <summary> /// Base class for implementing the transaction. /// </summary> public virtual VersionResponse Version ( VersionRequest Request) { var Response = new VersionResponse (); // Do stuff. return Response; } ... } There is a client class that inherits from this and adds the bits a caller needs on the caller side (i.e. identify the service to bind to, the account and credential) and the bits that are needed on the server side (was the message authenticated, what account is it bound to, what stream, etc.) While this is very close to traditional RPC. As with the difference between JSON and XML, what is thrown away is the important part. SOAP was designed to provide an all-singing, all-dancing remote procedure call for remotting COM objects over the Web. That might not be what people thought they were trying to do but it was what they ended up doing. And a lot of the complexity of the WS-* stack with SOAP, WSDL, WS-Security, etc. all layering on top of each other come from the fact that this is a layer that has to be transparent and invisible to the calling applications. That is not how we write network protocols. Well, not good ones. The 'signature' (as in schema, not digital signature) of an API call and a network protocol have a similar function but one describes a representation in computer memory, the other describes a serialization to be sent on a wire. That has some important consequences. We don't really care about the difference between int and Int32. Int64, UInt64, etc. in the network version. All we care about is that we can represent the data we expect to see comfortably in whatever language we choose to use and respond gracefully otherwise. Another big difference is that on the net, there is no difference between an array and a list or a set. Where XML RPC like things go wrong is that they are attempts to replicate the in-memory representation of the data structure at another place. And the in-memory data structure has a lot of material that is really not suited to being replicated. We have pointers off to objects that haven't been transmitted yet or may not be needed at all. An in-memory list is likely indexed with some sort of hash dictionary for fast access. But on the wire it is just a list. Rebuilding the index at the other end is easier than sending it on the wire. Anyone else thinking on these lines? I have some tools I am building and it would be nice if we could get to some consistency.
- [Json] Secure JSON Procedure Call Phillip Hallam-Baker