RFE: semantically identical objects that hash to identical values

[dwhall]

As a recommended enhancement, semantically identical objects should hash to identical values. This JSON object:

{
"foo": 0,
"bar": 1
}

is semantically identical to this JSON object:

{
"bar": 1,
"foo": 0
}

yet when fed into a cryptographic algorithm, they will yield differing results. I recommend that UBJSON enforce a policy of sorting an object's key-value pairs based on they key; perhaps utf-8 sorting. This way, semantically identical objects will always be identically represented and return identical cryptographic results.

[Miosss]

JSON compliance is goal number 1, so I think we should stick to it whenever possible.

While this option can still be compatible, I think it enforces much overhead always - and in most cases it is not relevant (as most existing soft depends on JSON's non-ordered objects). And UTF-8 based sorting may be quite problematic. Specific usage may add semantic-based constraints. I think UBJSON should not.

[kxepal]

-1 Turning objects into ordered key-value pairs doesn't makes much sense, but will make things more complicated. For instance, this kills unbounded objects feature completely. You should solve that issue at application level.

[AnyCPU]

DNA still the same if your fingers are crossed.

                  =

[kxepal]

@AnyCPU That's logical vs physical representation difference. These may not be equivalent at all for the same thing.

[AnyCPU]

No, in this case it's ok. Because problem in a point of view to object. Should be used an invariant of object or universal set of its properties. How to get it? It is not a problem of storage.

                  =

[ghost]

@dwhall definitely understand the motivation behind the request, but I thought @Miosss summed up well why we haven't gone down this path in the spec (been too strict with dictating behaviors).

Same would go for this request - a bit too much to bake directly into the spec, but absolutely encourage different implementations to optionally support behaviors like this at an API level.

Closing. Please feel free to continue discussing if you feel violently passionate about this though - everything is always up to discussion.

[dwhall]

Thank you for the consideration.

[ghost]

@dwhall absolutely - and thank you for the contribution!

Please don't let this dissuade you from future recommendations - you never know what ideas a suggestion might spark or what might get accepted.

I've rarely seen something get accepted in it's proposed form, most things go through A LOT of massaging before getting accepted.