On Mon, Sep 15, 2014 at 7:56 AM, Stephen Kent <[email protected]> wrote:
> Also, in a reply to Tim, I think you argued that people have already > implemented JOSE and so > we ought not make any changes at this late stage. If that's what you said, > I disagree emphatically. > The IETF always warns implementers that specs may change until an RFC is > published, and thus > one implements a pre-RFC spec at risk. > No; In theory I would entirely support requiring receivers of malformed messages to reject them. In practice, it’s problematic to say that the format is JSON, and then to require any particular policy concerning duplicate keys, because existing software generally doesn’t handle them in a consistent manner, and in particular may not even inform receiving software that dupes existed. > > Steve > > _______________________________________________ > jose mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/jose > > -- - Tim Bray (If you’d like to send me a private message, see https://keybase.io/timbray)
_______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose
