Hi Paul, On 09/05/16 17:40, Paul Hoffman wrote: > On 5 Sep 2016, at 1:42, Jerry Lundström wrote: > >> - Non-ASCII octets escaping "\DDD" may lead to broken implementations >> and/or encoding problem (oh so many printf()'ed JSON implementations out >> there) > > Sure, but I'm not sure what to do about this. It's not really a security > consideration, and it's not really even about this format: that's true > for any application that gets a host name in return to a PTR query, yes?
I was more commenting on the fact that it is escaping in a format that already support escaping. The JSON output would be double escaped and implementations would need to unescape it themselves rather then let JSON handle it. >> - The use of "!" and "*" in object attribute names will make it hard to >> use in language that can read JSON and give out native objects such as >> JavaScript. > > Yeah, I thought about that: it sucks for most programming languages. > Would people be happier if I used "B64" and "HEX" for trailers of names > instead of "!" and "*"? I guess I'm in control of the naming and can be > sure those don't appear at the end of object names. That would be better yes but it also got me thinking, why two different ways of encoding it? Could be simplified by just using base64url (or base64). Cheers, Jerry _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
