On Tue, Jun 28, 2022 at 11:40:55PM +0200, Carsten Bormann wrote: > On 2022-06-28, at 22:50, Carsten Bormann <[email protected]> wrote: > > > > The alternative would be to trigger on the data, so any string that looks > > like 2022-06-28T20:48:15Z would turn into 1(1656449295). That has some > > interesting security considerations, though. > > Hmm, that is starting to become more attractive to me. > > As long as we can make sure that the same string comes back out again, this > can be safe even if we don’t get the typenames right. > > Of course an efficient implementation might still be triggered by typenames, > but it wouldn’t create a problem if that guesses wrong. >
This sounds super scary. So how in CBOR would you make sure that the timezone suffix Z remains Z and the suffix +00:00 remains +00:00? /js -- Jürgen Schönwälder Jacobs University Bremen gGmbH Phone: +49 421 200 3587 Campus Ring 1 | 28759 Bremen | Germany Fax: +49 421 200 3103 <https://www.jacobs-university.de/> _______________________________________________ Anima mailing list [email protected] https://www.ietf.org/mailman/listinfo/anima
