- From: Anders Rundgren <anders.rundgren@telia.com>
- Date: Tue, 06 Dec 2011 04:48:20 +0100
- To: Ron Garret <ron@flownet.com>
- CC: "public-identity@w3.org" <public-identity@w3.org>
On 2011-12-06 04:31, Ron Garret wrote: > > On Dec 5, 2011, at 6:51 PM, Anders Rundgren wrote: > >> The following is related to DOMCrypt and similar... >> >> http://tools.ietf.org/html/rfc4627 > > It is? What does JSON have to do with DOMCrypt? > >> Having a strong background in XML schema authoring I'm slightly >> puzzled by the enthusiasm of using "secure" objects that (seem) to >> have no notion of explicit (built-in) name-spaces or a description >> language. > > I'm puzzled in what sense you think that JSON is "secure". The only > security claim made for JSON that I know of is that it can be safely > parsed by the Javascript eval() function. > > Can you please clarify why you think this is relevant to this group? DOMCrypt parses and generates JSON-formatted objects, right? I suggested that such objects should have a unique name (space). It costs virtually nothing and would open the door to better language bindings and simplified validation. This need is by no means limited to "security objects" but writing security protocols without such mechanisms doesn't IMHO completely feel like 2011. Anders > > rg > >
Received on Tuesday, 6 December 2011 03:49:13 UTC