[Cryptography] [cryptography] Is it time for a revolution to replace TLS?

Phillip Hallam-Baker hallam at gmail.com
Thu May 15 16:26:24 EDT 2014


On Thu, May 15, 2014 at 12:20 PM, Tony Arcieri <bascule at gmail.com> wrote:
> On Tue, May 13, 2014 at 4:23 PM, Phillip Hallam-Baker <hallam at gmail.com>
> wrote:
>>
>> In general any proposal of the form 'let's replace X with something 10%
>> 'better'' is a losing proposition. Particularly when we are talking
>> about systems where network effects dominate such as protocols, APIs
>> and keyboard layouts[1].
>
>
> Does that mean that JSON was more than 10% better than XML, or REST more
> than 10% better than SOAP?
>
> That's not to say that "enterprise" users don't still make extensive use of
> the, for lack of a better term, crappier technologies, but for the rest of
> us, we hopefully don't have those monstrosities in our daily lives anymore.

The question actually makes my point: We very rarely rewrite an old
protocol just to change the syntax.

JSON has become established as the way to write new protocols. We are
a long way from the point where people are going to want to redo DNS
in JSON just to have JSON syntax.

And writing a completely new protocol, JSON is a lot more than 10%
better than ASN.1 or XML because both of the latter are bjorked. XML
prefixes are insane, it is a document markup language, not a protocol
data encoding layer.

One of the epiphanies that came to me in the design of a JSON-schema
tool was that in a protocol design schema validation is utterly
useless. The reason we need schema validation in XML is that in a
document editor it is useful to be able to tell the user if their
markup is valid or not.

XML schema allows a designer to require elements to come in a
particular order. That is utterly pointless in a protocol unless the
order is indicating the slot to fill.

So if you take a look at the reasons why JSON is succeeding, I think
you will find it is much more than a 10% improvement. And in any case,
XML never achieved ubiquity anyway. JSON is replacing RFC822 headers
rather than XML. And it is better because it supports structure and is
more consistent.


-- 
Website: http://hallambaker.com/

