[Json] [Technical Errata Reported] RFC7158 (3908)
RFC Errata System <rfc-editor@rfc-editor.org> Sun, 02 March 2014 20:46 UTC
Return-Path: <wwwrun@rfc-editor.org>
X-Original-To: json@ietfa.amsl.com
Delivered-To: json@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 418121A0ADC for <json@ietfa.amsl.com>; Sun, 2 Mar 2014 12:46:54 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.449
X-Spam-Level:
X-Spam-Status: No, score=-2.449 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.547, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tUdm4DHs-no2 for <json@ietfa.amsl.com>; Sun, 2 Mar 2014 12:46:52 -0800 (PST)
Received: from rfc-editor.org (rfc-editor.org [IPv6:2607:f170:8000:1500::d3]) by ietfa.amsl.com (Postfix) with ESMTP id A32101A0AD3 for <json@ietf.org>; Sun, 2 Mar 2014 12:46:52 -0800 (PST)
Received: by rfc-editor.org (Postfix, from userid 30) id 11C6D7FC2CB; Sun, 2 Mar 2014 12:46:50 -0800 (PST)
To: tbray@textuality.com, barryleiba@computer.org, presnick@qti.qualcomm.com, mamille2@cisco.com, paul.hoffman@vpnc.org
From: RFC Errata System <rfc-editor@rfc-editor.org>
Message-Id: <20140302204650.11C6D7FC2CB@rfc-editor.org>
Date: Sun, 02 Mar 2014 12:46:50 -0800
Archived-At: http://mailarchive.ietf.org/arch/msg/json/v9TBotSR_7ocVgW60oOKgbud0do
Cc: rfc-editor@rfc-editor.org, rfc7158@schmorp.de, json@ietf.org
Subject: [Json] [Technical Errata Reported] RFC7158 (3908)
X-BeenThere: json@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "JavaScript Object Notation \(JSON\) WG mailing list" <json.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/json>, <mailto:json-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/json/>
List-Post: <mailto:json@ietf.org>
List-Help: <mailto:json-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/json>, <mailto:json-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 02 Mar 2014 20:46:54 -0000
The following errata report has been submitted for RFC7158, "The JavaScript Object Notation (JSON) Data Interchange Format". -------------------------------------- You may review the report below and at: http://www.rfc-editor.org/errata_search.php?rfc=7158&eid=3908 -------------------------------------- Type: Technical Reported by: Marc Lehmann <rfc7158@schmorp.de> Section: Security con Original Text ------------- Corrected Text -------------- Notes ----- This is a followup to my previous errata. I just wanted to note that this should also be discusssed in the security considerations. Consider a protocol that would allow back-to-back json messages. For example, a banking protocol that accepted currency amounts. A RFC7158 encoder could now encode the two separate amounts "1" and "999" and end up with the single amount "1999", which couldn't happen with the original JSON specification. Since this affects existing protocols and could potentially result in serious misinterpretations, I think noting this in the security considerations sections would be prudent. Instructions: ------------- This errata is currently posted as "Reported". If necessary, please use "Reply All" to discuss whether it should be verified or rejected. When a decision is reached, the verifying party (IESG) can log in to change the status and edit the report, if necessary. -------------------------------------- RFC7158 (draft-ietf-json-rfc4627bis-10) -------------------------------------- Title : The JavaScript Object Notation (JSON) Data Interchange Format Publication Date : March 2014 Author(s) : T. Bray, Ed. Category : PROPOSED STANDARD Source : JavaScript Object Notation Area : Applications Stream : IETF Verifying Party : IESG
- [Json] [Technical Errata Reported] RFC7158 (3908) RFC Errata System