Re: [secdir] secdir review of draft-ietf-json-text-sequence-11

Nico Williams <nico@cryptonector.com> Tue, 16 December 2014 21:35 UTC

Return-Path: <nico@cryptonector.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 71DF51A8756; Tue, 16 Dec 2014 13:35:41 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.666
X-Spam-Level:
X-Spam-Status: No, score=-1.666 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, IP_NOT_FRIENDLY=0.334, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CxkubrpPdtex; Tue, 16 Dec 2014 13:35:40 -0800 (PST)
Received: from homiemail-a113.g.dreamhost.com (sub4.mail.dreamhost.com [69.163.253.135]) by ietfa.amsl.com (Postfix) with ESMTP id 957291A875E; Tue, 16 Dec 2014 13:35:40 -0800 (PST)
Received: from homiemail-a113.g.dreamhost.com (localhost [127.0.0.1]) by homiemail-a113.g.dreamhost.com (Postfix) with ESMTP id 5E5C220058D84; Tue, 16 Dec 2014 13:35:40 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=cryptonector.com; h=date :from:to:cc:subject:message-id:references:mime-version :content-type:in-reply-to:content-transfer-encoding; s= cryptonector.com; bh=tjL2mRRD3rQNYfcqj54ahQsXbeo=; b=J3S4jGmGbor Mqr9UXSPvhleirlWlSBCh2ksbLpD7eJMdX7E8QkRPO1MIISQGG8c2sZ1lpmjUGP4 XbO59MtGwHnMGiclZGiStUjQq7kodrQccCCQyoY2qh4NJjl8X5KSYQ7Fe8XNZPiY 1ArN7o9Qb8ATkqsXgz3gk4+ap2qSJ7ko=
Received: from localhost (108-207-244-174.lightspeed.austtx.sbcglobal.net [108.207.244.174]) (Authenticated sender: nico@cryptonector.com) by homiemail-a113.g.dreamhost.com (Postfix) with ESMTPA id EE62320058D83; Tue, 16 Dec 2014 13:35:39 -0800 (PST)
Date: Tue, 16 Dec 2014 15:35:39 -0600
From: Nico Williams <nico@cryptonector.com>
To: Carl Wallace <carl@redhoundsoftware.com>
Message-ID: <20141216213533.GI3241@localhost>
References: <D0B1EECD.29290%carl@redhoundsoftware.com> <20141216000109.GP3241@localhost> <D0B587AB.2948E%carl@redhoundsoftware.com> <20141216163238.GT3241@localhost> <D0B5C964.2954A%carl@redhoundsoftware.com> <20141216174829.GZ3241@localhost> <D0B5DC2E.295DB%carl@redhoundsoftware.com> <20141216193707.GE3241@localhost> <D0B5F9D2.29691%carl@redhoundsoftware.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
In-Reply-To: <D0B5F9D2.29691%carl@redhoundsoftware.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
Content-Transfer-Encoding: quoted-printable
Archived-At: http://mailarchive.ietf.org/arch/msg/secdir/Bnn2F1CKZHiSE0UXsOOqGB2SqNQ
Cc: draft-ietf-json-text-sequence@tools.ietf.org, iesg@ietf.org, secdir@ietf.org
Subject: Re: [secdir] secdir review of draft-ietf-json-text-sequence-11
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 16 Dec 2014 21:35:41 -0000

On Tue, Dec 16, 2014 at 03:44:05PM -0500, Carl Wallace wrote:
> On 12/16/14, 2:37 PM, "Nico Williams" <nico@cryptonector.com>; wrote:
> >It's not.  I just don't think one should encode JSON text sequences this
> >way.  After lunch I'll propose text explicitly requiring sequence
> >encoders to also invoke the JSON text encoder.
> 
> Most of the words in this now very long thread stem from this. I will wait
> to review new text. I don’t think there is any lack of clarify on the
> signature issue. Most of the remainder is related to the document’s
> recognition of <RS>123<RS> as a detachable truncation problem but not
> <RS>123<LF><RS> where the truncation occurred prior to invoking the
> sequence encoder. 

In section 2.2, add before the last paragraph:

   JSON text sequence encoders are expected to ensure that the sequence
   elements are properly formed. When the JSON text sequence encoder
   does the JSON text encoding, the sequence elements will naturally be
   properly formed. When the JSON text sequence encoder accepts
   already-encoded JSON texts, the JSON text sequence encoder ought to
   to parse them before adding them to a sequence.

Nico
--