Re: [Json] secdir review of draft-ietf-jsonbis-rfc7159bis-03

Martin J. Dürst <duerst@it.aoyama.ac.jp> Mon, 13 March 2017 07:52 UTC

Return-Path: <duerst@it.aoyama.ac.jp>
X-Original-To: json@ietfa.amsl.com
Delivered-To: json@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E6070129545; Mon, 13 Mar 2017 00:52:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=itaoyama.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hbN1UAZ5ZJts; Mon, 13 Mar 2017 00:52:01 -0700 (PDT)
Received: from JPN01-OS2-obe.outbound.protection.outlook.com (mail-os2jpn01on0123.outbound.protection.outlook.com [104.47.92.123]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5770A1294B2; Mon, 13 Mar 2017 00:52:01 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=itaoyama.onmicrosoft.com; s=selector1-it-aoyama-ac-jp; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=RpcTQuyV2LNcidqlEQUoSnzjBpZ0DGp8PzdYi/LZUr8=; b=Y5wzBoLRYEgicdKDouFdRjqydWcwfRFnq9hjHsBjDW468u485MIButBlqRhagvo3iGHCGDuBlyokgNznNhjJSiQdqBCSp8cSKT31/p+CIytXmhPdxLbmQ0dE3/PtYxsS/vJ7YOafFzmtRkJsrihYieiJ+oA3+ctZ9qqsyHoNnfY=
Authentication-Results: mit.edu; dkim=none (message not signed) header.d=none;mit.edu; dmarc=none action=none header.from=it.aoyama.ac.jp;
Received: from [192.168.160.103] (122.220.198.115) by TY1PR01MB0651.jpnprd01.prod.outlook.com (10.167.158.14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.947.12; Mon, 13 Mar 2017 07:51:59 +0000
To: Julian Reschke <julian.reschke@gmx.de>, Elwyn Davies <elwynd@dial.pipex.com>, Peter Cordell <petejson@codalogic.com>, Ned Freed <ned.freed@mrochek.com>
References: <otwresf20y4vnpmoboqqjnux.1489359742487@email.android.com> <0d3258fa-0f9d-cc5d-06d7-fcba943349ad@gmx.de>
From: =?UTF-8?Q?Martin_J._D=c3=bcrst?= <duerst@it.aoyama.ac.jp>
Organization: Aoyama Gakuin University
Message-ID: <f63c6a4a-dfbb-e03a-ea1e-38002f81ced8@it.aoyama.ac.jp>
Date: Mon, 13 Mar 2017 16:51:58 +0900
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0
MIME-Version: 1.0
In-Reply-To: <0d3258fa-0f9d-cc5d-06d7-fcba943349ad@gmx.de>
Content-Type: text/plain; charset="utf-8"; format=flowed
Content-Transfer-Encoding: 7bit
X-Originating-IP: [122.220.198.115]
X-ClientProxiedBy: TYXPR0101CA0006.jpnprd01.prod.outlook.com (10.168.40.144) To TY1PR01MB0651.jpnprd01.prod.outlook.com (10.167.158.14)
X-MS-Office365-Filtering-Correlation-Id: 2915304f-a10e-477d-44c1-08d469e5d411
X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:(22001);SRVR:TY1PR01MB0651;
X-Microsoft-Exchange-Diagnostics: 1; TY1PR01MB0651; 3:8+HBGMAzDoRqvKKKeT8C1MlX6ZjzDq1fyx8BgZVEDQVJoCEpd068pQM1VgQEuWKixaxeteDN+xbipsh1cL4LntQau+HxdNu086xt5uLqiWoCU1qjjg6eBCfYkRP7YLsoyBwekiC5zWjvzH23wmne11kgCtLn81SopkKTApAVGuVY2P/Dm5a6kRJSGJDPymqCmXlhw/boWTpByA1rmtAam+RrrxKw2uSKNF0fJi1poxm4zNkAb52AzJXWHQOBVfs55MAEen0haEuRsSM7T0l3XA==; 25:9+RF5SUINutkc0i0H2erNtbf3bJtAnecbaV7D+48jp7g+kI46+LMXjfcVv1hNPGqTw8imyaP29WBzQ/3TrJG5kJixiyySlI2H/rkIwM0djo80mloE5lQhPQVwKNIqjiqrC7X6nd99ehvccDHbL79O1i6tqL852kWveW5oroEYPvYDsvySlJ1LBqGkmKxWE0cvQcnnXXdl28dW3ekj78W7Eqefq81zzP/wZXKUKypEJ5glaXQ/F+MK10zWC36rpeSJnHisx3GFeJVvjlOwIAICBMvDIg/WjRpGxWLJjKeZzWwyYWJ3VjXRcsuDxSnERlcD+EqrMTgpVJ1wPEYjYlHuflNKuC538c4i0mERP4WK5WyMu5vEaS/VT+edwx4fpbAQgvzjL5f6PU7WazA7BAO0F6xohNsXFQDHMXaUUFYIpSi7yr1Zt6/8+6Oaqa0xcAAmEGDX2Fd+71W57jiY9xDlw==
X-Microsoft-Exchange-Diagnostics: 1; TY1PR01MB0651; 31:+vD2YF3L8PtL2jWHSSLNu2tZq2OVnuGW3Zzgs4IquEZjQMHq+W/WTQ+Qnoca9BncnlPCMCNaxBPS63hQiLIb02sGRG9f9xr3ETqxGqwFhz8FjgXjFRAOoakYVPa3QI4HgLy9WOVw7qwBFOH2QBFrsnWW5ONhAs9gyd5C6oGE8llrTzhtsk/YZToiaxwoTslTALdatyVrCL5YjeFc1Q0ss/BiIS6rGzhywe+prUD2hLZIdCemh2cEsbyN1Ph0IcI0NpxT8Paxdp71aRdbpMI7OA==; 4:hJ73WhB33GvDr5NcAZN2y9TEjW0qiygN9FusMd8Dep8mNyaF5h0n8bKFhrFHd4UmvzCJw65FptNoEFIRh+y4wrVVtcAsYHmYFRn88Dr5LaPvMF2zSOZ6MOneSsSas6pH4c7tWs8QBasJgBZFg2gqfxlnweQdo8Zn/B368h7EnxI+r37sw4GQOzgmjId5WID0Moa9Pf2AfZxiibb/QmyqMR8hnSTpvx4YReWBvDMBt+6/90NP4ab+r+vRVcxk+JYVq3JJxhEN7XIk3K4T8lPuEkVnP1bqimsnaM+fGf17oOHK56uzmXjhQoxTfpQaMtJUjyIlrGfgcPeljBT3XFadTBGZYAovh4itIpa0Amx1B/8sN6+JIWwpq9Q/0rTgjGVzu5WUMs6s3KzGaBuB07pzhkBGs3wkXQebehhDQamfbjCX2ZE8pHaz5CwPeCJF58AbKpekIg6YWtoL49IwoLuI2QLkqqVxY4v7XWfkwTzcelCFIrE2I409THd5qDDu9C1tiT5h327X3chTpXGQDxoWhgwFLvFxWE0lGqEEO+lYWBWao3ryi6Nkll+G1e4HtRJyVbJOIlp6NCvmxMTXYZveAufqQYW1MtJzYUD4nvDSmECZRS5cn8YwyjUlVBrTqJL1GKV0kcCvaHgHwYIB7RYyZg==
X-Microsoft-Antispam-PRVS: <TY1PR01MB06511FA7650057EB4A51133BCA250@TY1PR01MB0651.jpnprd01.prod.outlook.com>
X-Exchange-Antispam-Report-Test: UriScan:(100405760836317);
X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(6040375)(2401047)(8121501046)(5005006)(10201501046)(3002001)(6041248)(20161123558025)(20161123555025)(20161123560025)(20161123562025)(20161123564025)(6072148); SRVR:TY1PR01MB0651; BCL:0; PCL:0; RULEID:; SRVR:TY1PR01MB0651;
X-Forefront-PRVS: 0245702D7B
X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10019020)(4630300001)(6049001)(6009001)(39450400003)(24454002)(377424004)(25786008)(31696002)(305945005)(90366009)(6306002)(64126003)(50986999)(54356999)(76176999)(8666007)(117156001)(230783001)(42186005)(31686004)(6486002)(77096006)(53936002)(229853002)(81166006)(8676002)(7416002)(2906002)(74482002)(2950100002)(42882006)(3846002)(6116002)(33646002)(5660300001)(86362001)(230700001)(7736002)(66066001)(65956001)(65806001)(6246003)(53546006)(47776003)(23676002)(189998001)(38730400002)(4326008); DIR:OUT; SFP:1102; SCL:1; SRVR:TY1PR01MB0651; H:[192.168.160.103]; FPR:; SPF:None; MLV:sfv; LANG:en;
X-Microsoft-Exchange-Diagnostics: =?utf-8?B?MTtUWTFQUjAxTUIwNjUxOzIzOnhJOWdVMFNkbktJa2g3MWxqcmZEOHM2Wk13?= =?utf-8?B?ditYUkxMTFdSZjA0cWRqbm1aOXpMSmUrMTRMRTltaWFvQXBINHd4NHdwbnhJ?= =?utf-8?B?THpIcEJ6MHZHYmtSYUwxbmtnUU1LUVl5V3l1cGxwelJKblBoSy9wTm9rZW0r?= =?utf-8?B?OHdnRHlYY0dva3RrS0gxSys1SzI3Q3VsakI1VWxpLzFxa3l3VE9wQXZDWjdH?= =?utf-8?B?ak1ESGNEM29xNGJiUEdjWkhYbEhvUEIyWWNLUDdsMVJ2MmVJdHNGTHVVR0dH?= =?utf-8?B?cHV1WlczU0xjR2R6djYySXc5cTJ0d2VlS3krdGZ2T3ZROWtvWXA3a1V0aXFs?= =?utf-8?B?Tjg1NERheVA0cEdQcUxRUnJFdzRWYllxcllsaXY5V2pFWlhNcWlXQ1FkdzJM?= =?utf-8?B?dXBINytscXdlRHdtVUJsbHZDc2FrbDlpMjY0ZENQWUZwVmVWMTQxQUNFNTgz?= =?utf-8?B?ekRYZ1dZT2FHQzJDZnllZS9YNitBcWVFSUhyeE5JanVVL05YdEU0aFg4R0ZZ?= =?utf-8?B?QVp0dS8rYmc4THlnNnoxR0tyQVJyUjFYbUsxTnVRdHVGa2lpeFoveHlEajNs?= =?utf-8?B?Z0hOZTJqejBHckJWZnYzNG5NN1IvajRuL090SUFIUGZuRlVHNm1kaTdmRkh6?= =?utf-8?B?YnpCcjY4WC80KzVUanhaaG85TDNMVTJEcHZEeHJyUkk5S0pXNVIxN1E0SGhz?= =?utf-8?B?SSt3TUdmZjNKaHFRQ2Y2Ny8wZis0TVB2YmhJaDRFVnB5ZllFNmhwTUZzc2Zv?= =?utf-8?B?blpZc1lEckRKSUFKbUhCd0tod05rVlZ6Mjd6ZVd1Y1lxd1VCYjhrZlduR0tN?= =?utf-8?B?NFBMdW5ob0pDaW1uVTFSUlJ2K21pZThkRkJnRUEvOEdZdldvNVNtTk5UczF1?= =?utf-8?B?RGQrcU0xSENYb2xhc3BEcEJoemhzdnExeFZWaWhyV2pKeUMwY1IwQnBzS3lp?= =?utf-8?B?RTQ2cGUyV0dKRnhQL3hVSzE4b2ZOOUhsZHBlRkZFR1lHR1ZRM0ZEUkxlSGN4?= =?utf-8?B?NENWdzFoWjJNOG51YVB5UWwxS0RWNU1vWTJ1cmY3MXNGOVcvLy9iRVBvRE44?= =?utf-8?B?dmVRSzJEdXd6Y09RODBqSVJlQlhZWWtwMjRiNE1oZ0lTbWJuNlJJem9kSE9n?= =?utf-8?B?Q1lYYzRKWTh0cmtCK2RNNkNjWkNWb0VpSjQ5WFBmWXFnWmNLaVk0L25OS2Ey?= =?utf-8?B?dksvR3o5Mml6K2FVKzd5a2d0VUZ2Ry8wUjdKK2RpbTVCQnNJKzRhR2JreWRR?= =?utf-8?B?MEJJNnNzU09Nc09ZUi8wWDZnMFBSY21FemhkQitmN3BXKy9VZXJPa3kvZGxX?= =?utf-8?B?MUFBSVh0a3pVNk5IWnlDbUF2NXFoU0pqbmJoemlacEdRSGRKaVZGQWhGZ3Ex?= =?utf-8?B?czZLQWo5WCtLRFVLRXIyazk0bjU5dnNhQVl3ZmxRaUhxNkJBWkFWa0F5QS9M?= =?utf-8?B?ZVJPRElwT2w2U3J0ZUc1dEZ4andBOXYwdWhiYkltUmpkd2JiQmtvK2pHY1d5?= =?utf-8?B?YmVEcFhMQkxLaThWdEN5dlRxeHU1RGczdFJMMVNGRVpOdy9HWHEwVVg3aThr?= =?utf-8?B?S1dDNlJiaGNMU2lKRjNuQ01FLzU4aUE9PQ==?=
X-Microsoft-Exchange-Diagnostics: 1; TY1PR01MB0651; 6:3p/hbXCXKLcBCHRxqVzgOap/4PLK061GLgFFDyhlPFb51JjR/cdkSV7HV2Gg3TA4jtbXXYrKsMnmnFFDITUSYzulFYouzvvcIuDShJAZVNGSi0v1xT7M7oEpsJ0vx3q8O/IaFdPGeFtCQgCH0gvQh9XLtH3etYq1jiHWh9AasIFWkFZyemivpmB41Cbi3VezMW22AU1uDj5nUikJHHK1uEWarEvpXPns4PmZWL9h3zgwCZVY61GfjE7LeENxwYzVRmhi3bRkiuBll9jA4AK63WJ51o5HMoJ8lFk+gAVr7tjNxhfm9SB6P6L/gkVnDXTcBcSTuyGqMSK/dNCjnqs/DoctvsqziqNhBPcuymxuUPbaf5q/S3WVLwU7+erR4vtznX9CP9mAdRBcGzrxyeWHqg==; 5:TFtby1T1G7MY8LOExlEaLDl4Y8LpTC4ZldcPugwiglI/JZBs/84A98llAt3Lw1aLMriK86XIKkuQRCakCC3qdLTkZlhKafwjnVP+m3Hh4rUQqAZDWJTG1qVlJY6pOH46xDJiJ1yTERaz3XyC3gLLyu9DQ8z3RQltgtJISjB8ihI=; 24:4S0cBWFwWhv9bycJdB2ZeewKWsi6x06DscltCBYEf8N5MUaOPKmhhLK27zFFjXjaXrH0F+tStnFAysKh//JHo/E5Z9FPemL58XBPd32NR+8=
SpamDiagnosticOutput: 1:99
SpamDiagnosticMetadata: NSPM
X-Microsoft-Exchange-Diagnostics: 1; TY1PR01MB0651; 7:9PsJd5BeWTQOYblC3dWCQH1Ru+uRDaHGj1o82mFj0ouKQtZCOlJ2wIofk1KBLxummOnKn9JbcBQty2fbeZYXVAtju+eSNLMxQK1cZ9h4CiV/PABAP+7rp/B12IS3rg8tRArS9th3dFMcH2nmH5C+MX0VAQYisHIkoye3IgM7erK2v1yzymr0qFvlfwlS7IgqZa3eiJNlVSDljQc1Aze1rBRVjkUGhwMkrxC/yOzuDpiu1LQfsS+ylg9gk3kfAyTT2G/rLuQDWwShSkNLG+vTeZG9SGizgXeEUCIh4kCcXp11fD7TpxfopE7XEaA0O21iLv/6pltcT2dRW60hPhtP/w==
X-OriginatorOrg: it.aoyama.ac.jp
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 13 Mar 2017 07:51:59.0379 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-Transport-CrossTenantHeadersStamped: TY1PR01MB0651
Archived-At: <https://mailarchive.ietf.org/arch/msg/json/tL1N08eNWOS87A-lJroeD9F3Bbo>
X-Mailman-Approved-At: Mon, 13 Mar 2017 08:40:46 -0700
Cc: draft-ietf-jsonbis-rfc7159bis.all@ietf.org, John Cowan <cowan@ccil.org>, ietf@ietf.org, secdir@ietf.org, "json@ietf.org" <json@ietf.org>, Benjamin Kaduk <kaduk@mit.edu>
Subject: Re: [Json] secdir review of draft-ietf-jsonbis-rfc7159bis-03
X-BeenThere: json@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "JavaScript Object Notation \(JSON\) WG mailing list" <json.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/json>, <mailto:json-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/json/>
List-Post: <mailto:json@ietf.org>
List-Help: <mailto:json-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/json>, <mailto:json-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 13 Mar 2017 07:52:04 -0000

On 2017/03/13 15:23, Julian Reschke wrote:
> On 2017-03-13 00:07, Elwyn Davies wrote:

>> Does the WG really want to revisit the anguished discussions that
>> resulted in the changes to Section 8.1 of draft-ietf-json-rfc4627bis
>> between versions 07 and 08 back in late November 2013?
>>
>> See https://www.ietf.org/mail-archive/web/json/current/msg02053.html and
>> many, many messages beore this.

> No, but on the other hand, we should acknowledge that apparently the
> text both about what's mandatory and how auto detection works is not as
> clear as it should.

It looks to me as if at the time of the above message in the WG, the 
chairs were successful in presenting a consensus, probably at a stage 
when the participants in the discussion where getting tired.

It seems that when put in the wider context of the IETF, that compromise 
now looks somewhat shaky.

My personal opinion is that we could try to fix this by changing the 
following:

 >>>>
    JSON text SHALL be encoded in UTF-8, UTF-16, or UTF-32 [UNICODE]
    (Section 3).  The default encoding is UTF-8, and JSON texts that are
    encoded in UTF-8 are interoperable in the sense that they will be
    read successfully by the maximum number of implementations; there are
    many implementations that cannot successfully read texts in other
    encodings (such as UTF-16 and UTF-32).
 >>>>

to something like the following:

 >>>>
    JSON text SHOULD be encoded in UTF-8 [UNICODE]
    (Section 3).  JSON texts that are
    encoded in UTF-8 are interoperable in the sense that they will be
    read successfully by the maximum number of implementations.

    There are
    many implementations that cannot successfully read texts in other
    encodings (such as UTF-16 and UTF-32). JSON text MAY be encoded in
    UTF-16 or UTF-32 [UNICODE] (Section 3) if the sender is sure that
    the intended recipients can read them.
 >>>>

That should then go together with a MIME registration that only lists UTF-8.

Regards,   Martin.