W3C home > Mailing lists > Public > public-identity@w3.org > December 2011

Re: JSON Description Language

From: Anders Rundgren <anders.rundgren@telia.com>
Date: Tue, 06 Dec 2011 04:48:20 +0100
Message-ID: <4EDD9084.9030509@telia.com>
To: Ron Garret <ron@flownet.com>
CC: "public-identity@w3.org" <public-identity@w3.org>
On 2011-12-06 04:31, Ron Garret wrote:
> 
> On Dec 5, 2011, at 6:51 PM, Anders Rundgren wrote:
> 
>> The following is related to DOMCrypt and similar...
>>
>> http://tools.ietf.org/html/rfc4627
> 
> It is?  What does JSON have to do with DOMCrypt?
> 
>> Having a strong background in XML schema authoring I'm slightly
>> puzzled by the enthusiasm of using "secure" objects that (seem) to
>> have no notion of explicit (built-in) name-spaces or a description
>> language.
> 
> I'm puzzled in what sense you think that JSON is "secure".  The only 
> security claim made for JSON that I know of is that it can be safely
> parsed by the Javascript eval() function.
> 
> Can you please clarify why you think this is relevant to this group?

DOMCrypt parses and generates JSON-formatted objects, right?

I suggested that such objects should have a unique name (space).  It costs
virtually nothing and would open the door to better language bindings
and simplified validation.

This need is by no means limited to "security objects" but writing security
protocols without such mechanisms doesn't IMHO completely feel like 2011.

Anders

> 
> rg
> 
> 
Received on Tuesday, 6 December 2011 03:49:13 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 6 December 2011 03:49:13 GMT