I just published a blog post about TJSON here: https://tonyarcieri.com/introducing-tjson-a-stricter-typed-form-of-json
On Tue, Oct 25, 2016 at 3:15 PM, Tony Arcieri <basc...@gmail.com> wrote: > I wanted to give LANGSEC a sneak peek of a project I've been working on > with Ben Laurie before circulating it more widely: > > https://www.tjson.org/ > > It's a set of security-oriented type annotations added to JSON. The idea > is to support cross-format content hashes which are the same regardless of > if data is serialized in a binary format like Protobufs, MessagePack, or > BSON, or in TJSON. The intended content hash algorithm is Ben Laurie's > objecthash: > > https://github.com/benlaurie/objecthash > > We have also disallowed some of the more notable sharp edges for JSON > security, such as repeated member names in JSON objects. If there are any > other notable problems you think should be addressed, I'd be curious to > hear them. > > -- > Tony Arcieri > -- Tony Arcieri
_______________________________________________ langsec-discuss mailing list langsec-discuss@mail.langsec.org https://mail.langsec.org/cgi-bin/mailman/listinfo/langsec-discuss
