Re: [Json] Canonicalization

Tim Bray <tbray@textuality.com> Wed, 20 February 2013 03:18 UTC

From: Tim Bray <tbray@textuality.com>
To: Nico Williams <nico@cryptonector.com>
Cc: Francis Galiegue <fgaliegue@gmail.com>, Paul Hoffman <paul.hoffman@vpnc.org>, "Paul C. Bryan" <pbryan@anode.ca>, "json@ietf.org" <json@ietf.org>
Subject: Re: [Json] Canonicalization

OK, this discussion has convinced me that there’s no real need for this
group to proactively take up JSON c14n.  If at some future point there’s a
strong demonstrated real (not hypothetical) use case, it’s a fairly
tractable problem.  But for now, it’s unnecessary work.

-T


On Tue, Feb 19, 2013 at 7:11 PM, Nico Williams <nico@cryptonector.com> wrote:

> On Tue, Feb 19, 2013 at 9:00 PM, Francis Galiegue <fgaliegue@gmail.com> wrote:
> > On Wed, Feb 20, 2013 at 3:36 AM, Nico Williams <nico@cryptonector.com> wrote:
> > [...]
> >>
> >> Yes and no.  If the verifier and the signer both have the same
> >> document then no c14n is needed.  If the verifier must reconstruct the
> >> signed document -as opposed to receiving it from the signer- then the
> >> verifier must reconstruct exactly the signed document or the signature
> >> will not verify.
> >>
> >
> > There is one thing I don't get: in any case, what is transmitted over
> > the network is just a stream of bytes. One end writes that stream, the
> > other reads it.
>
> No, in this one case the two ends construct some data.  A good example
> would be channel bindings (RFCs 5056, 5929), except that mostly that
> has no structure, so it's not really a good example after all, but it
> illustrates the point.
>
> > In order for the receiving end to interpret that data, should signing
> > be used, it needs to verify that the _byte stream_, not its
> > interpretation, is correct. That byte stream MAY be JSON. It may not
> > be.
>
> That's just it: in this case the data isn't transmitted, only the
> signature.  There are many protocols that transmit signatures (or
> hashes) but not necessarily contents.  E.g., rsync.  What if you had a
> JSON-based synchronization protocol and you're sending file metadata,
> only there's a lot of it (e.g., large ACLs), and you're trying to
> avoid sending it, so you send file names and metadata hashes, and if
> the receiver's don't match then you send the actual metadata?
>
> Nico
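
Added example, not part of the original message or thread: the metadata-hash synchronization scenario from the quoted text, sketched in Python. The canonical form used here (sorted keys, compact separators, UTF-8, integers only) is an assumption for illustration and not a standard, and the sample metadata is constructed.

```python
import hashlib
import json

# Constructed sample data: the same file metadata, built independently by two
# peers whose code happens to insert the members in a different order.
SENDER_META = {"name": "report.txt", "mode": 420,
               "acl": [{"who": "alice", "perm": "rw"}, {"who": "bob", "perm": "r"}]}
RECEIVER_META = {"acl": [{"perm": "rw", "who": "alice"}, {"perm": "r", "who": "bob"}],
                 "mode": 420, "name": "report.txt"}


def naive_digest(meta):
    """Hash whatever bytes the local serializer happens to emit."""
    return hashlib.sha256(json.dumps(meta).encode("utf-8")).hexdigest()


def _reject_floats(value):
    # Number formatting differs between JSON implementations, so this
    # illustrative scheme admits integers only.
    if isinstance(value, float):
        raise ValueError("floats are not allowed in the canonical form")
    if isinstance(value, dict):
        for item in value.values():
            _reject_floats(item)
    elif isinstance(value, list):
        for item in value:
            _reject_floats(item)


def canonical_digest(meta):
    """Hash an assumed canonical form that both peers can reconstruct."""
    _reject_floats(meta)
    text = json.dumps(meta, sort_keys=True, separators=(",", ":"),
                      ensure_ascii=False, allow_nan=False)
    return hashlib.sha256(text.encode("utf-8")).hexdigest()


def needs_transfer(sender_digest, local_meta, digest=canonical_digest):
    """Receiver side: True if the full metadata must be sent after all."""
    return digest(local_meta) != sender_digest


if __name__ == "__main__":
    # Identical data, different member order: the naive hash forces a resend.
    print(needs_transfer(naive_digest(SENDER_META), RECEIVER_META, naive_digest))
    print(needs_transfer(canonical_digest(SENDER_META), RECEIVER_META))
```

This form does not apply Unicode normalization to strings, so peers that produce differently composed but visually identical names would still disagree.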