IETF Logo Mail Archive

Re: [secdir] [Json] secdir review of draft-ietf-jsonbis-rfc7159bis-03

"Matthew A. Miller" <linuxwolf@outer-planes.net> Mon, 13 March 2017 17:54 UTC

Return-Path: <linuxwolf@outer-planes.net>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4A473129992 for <secdir@ietfa.amsl.com>; Mon, 13 Mar 2017 10:54:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.234
X-Spam-Level:
X-Spam-Status: No, score=-1.234 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_SOFTFAIL=0.665, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=outer-planes-net.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rSUfws_MO_Dd for <secdir@ietfa.amsl.com>; Mon, 13 Mar 2017 10:54:34 -0700 (PDT)
Received: from mail-ot0-x241.google.com (mail-ot0-x241.google.com [IPv6:2607:f8b0:4003:c0f::241]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1486212998B for <secdir@ietf.org>; Mon, 13 Mar 2017 10:54:34 -0700 (PDT)
Received: by mail-ot0-x241.google.com with SMTP id 19so17054812oti.0 for <secdir@ietf.org>; Mon, 13 Mar 2017 10:54:34 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outer-planes-net.20150623.gappssmtp.com; s=20150623; h=subject:to:references:cc:from:message-id:date:user-agent :mime-version:in-reply-to; bh=wEbeRnfrEJpJCcOfo7g1t8EaTyJZIPY3KDqJZdcUzPk=; b=Zfif2koxCi00cBJulqzDvjWpIOzV9L6euL24Av4Ijo7ZS0Yrh6WNOQ0SAAnGyJDDuw 8LjBlfWv/IJzDEG7R/vDl680L9/iTmSB6UIAOltXBFJ1fWFLplm007xGNF6Tt/knN0Sc 2vZTqob98VrdG8LSjFZ36EkN1PWsEqSm9SQ9y7Ee0vGYvx42Lx9UZKFXG9G+XMk28Fbb SO96WOt0b5eCalMBH+BqH2JmO7kqbNPK+maAF6rMDkrGL+3wqlpSqaGxHotkaEvxQTYA 0/cloTgwiL+xtRK1+6JNhOCnTDrF3fyiAzmWyv8g/0H/kbjqCKgq+QK3cYCbLo2JokTc zHjg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:cc:from:message-id:date :user-agent:mime-version:in-reply-to; bh=wEbeRnfrEJpJCcOfo7g1t8EaTyJZIPY3KDqJZdcUzPk=; b=fVtFF3vnKxdlTvvlKNd91caORNOqehDjPzcZhWbkg5NHPSVYxJ+NBZxg/u8xpwm0GU uPBp61T24PeAKuaH889/Y7kmDvPmyCMr0XpLhN0d8jfk/hmKVX6MNZWqWaqmzrwXds8n Zk4j88JE0uav3b+kV7y539jPjR8iyY0IJXGn7o0s6kO8hxOtqYIWSmoLrz9lkCUUAZS+ eq5MMQbdAghBDpMOa9qlMg++IHky706f/PrgprxqdO1y0iMBCpriMRnRV0Bm9oYeMBLQ KTzA/CXKjKXfoiE6rMQ/dxawTT6MfM8S8pzNu7wgi+ZmVJmeLQ/zD7zitmURzNL+B1w+ q34w==
X-Gm-Message-State: AMke39mIg4h8Q6Z222ni2y4r4wluW/qO3SpiHzCB+1xvqDihNORcBNSzJXcj9Wme8U2VLQ==
X-Received: by 10.157.84.10 with SMTP id j10mr16695392oth.257.1489427673447; Mon, 13 Mar 2017 10:54:33 -0700 (PDT)
Received: from [10.6.23.170] ([128.177.113.102]) by smtp.gmail.com with ESMTPSA id g10sm986961oic.16.2017.03.13.10.54.32 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 13 Mar 2017 10:54:32 -0700 (PDT)
To: Peter Cordell <petejson@codalogic.com>, "Martin J. Dürst" <duerst@it.aoyama.ac.jp>, Ned Freed <ned.freed@mrochek.com>
References: <otwresf20y4vnpmoboqqjnux.1489359742487@email.android.com> <0d3258fa-0f9d-cc5d-06d7-fcba943349ad@gmx.de> <f63c6a4a-dfbb-e03a-ea1e-38002f81ced8@it.aoyama.ac.jp> <0631d12c-f447-8904-6e2d-81e02cc6e8d3@codalogic.com>
From: "Matthew A. Miller" <linuxwolf@outer-planes.net>
Message-ID: <1e075450-d958-db9c-ae63-3cbf3733024c@outer-planes.net>
Date: Mon, 13 Mar 2017 11:54:31 -0600
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:45.0) Gecko/20100101 Thunderbird/45.7.1
MIME-Version: 1.0
In-Reply-To: <0631d12c-f447-8904-6e2d-81e02cc6e8d3@codalogic.com>
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="3VcLRe0FKbLrdelu3P9lctLR4SQJkGBjp"
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/alkgpPn9Dy8Z1y-xsYxUyVoeGSI>
Cc: draft-ietf-jsonbis-rfc7159bis.all@ietf.org, "json@ietf.org" <json@ietf.org>, ietf@ietf.org, secdir@ietf.org
Subject: Re: [secdir] [Json] secdir review of draft-ietf-jsonbis-rfc7159bis-03
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 13 Mar 2017 17:55:28 -0000

On 17/03/13 10:33, Peter Cordell wrote:
> On 13/03/2017 07:51, Martin J. Dürst wrote:
>> My personal opinion is that we could try to fix this by changing the
>> following:
>>
>>>>>>
>>    JSON text SHALL be encoded in UTF-8, UTF-16, or UTF-32 [UNICODE]
>>    (Section 3).  The default encoding is UTF-8, and JSON texts that are
>>    encoded in UTF-8 are interoperable in the sense that they will be
>>    read successfully by the maximum number of implementations; there are
>>    many implementations that cannot successfully read texts in other
>>    encodings (such as UTF-16 and UTF-32).
>>>>>>
>>
>> to something like the following:
>>
>>>>>>
>>    JSON text SHOULD be encoded in UTF-8 [UNICODE]
>>    (Section 3).  JSON texts that are
>>    encoded in UTF-8 are interoperable in the sense that they will be
>>    read successfully by the maximum number of implementations.
>>
>>    There are
>>    many implementations that cannot successfully read texts in other
>>    encodings (such as UTF-16 and UTF-32). JSON text MAY be encoded in
>>    UTF-16 or UTF-32 [UNICODE] (Section 3) if the sender is sure that
>>    the intended recipients can read them.
>>>>>>
> 
> My only thought is to perhaps reflect that JSON isn't only transmitted,
> and JSON can be used for file based configuration etc, (even if this
> isn't strictly IETFs concern).  So perhaps s/sender/encoder/ in the last
> sentence, plus a few other tweaks yielding something like:
> 
>     There are many implementations that cannot successfully read texts
>     in other encodings (such as UTF-16 and UTF-32 [UNICODE]).  JSON
>     text MAY be encoded in other encodings if the encoder is sure that
>     the intended recipients can read them.
> 
> Pete.

/me doffs hat

I like this change myself.

/me dons hat

As I recall, the table was removed mostly because the vast majority of
implementations did not support any encoding other than UTF-8, and no
one (that I recall) reported implementing the detection table.


- m&m

Matthew A. Miller
< http://goo.gl/LM55L >

v2.23.0 | Report a Bug | By Email