From c48e4a8a06f5554ff484f1a60c8e5673e70a897a Mon Sep 17 00:00:00 2001
From: Christian Grothoff <christian@grothoff.org>
Date: Sun, 19 Jan 2020 21:18:03 +0100
Subject: comment on JSON canonicalization

---
 src/json/json.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

(limited to 'src/json')

diff --git a/src/json/json.c b/src/json/json.c
index 688086a50..807ea0b61 100644
--- a/src/json/json.c
+++ b/src/json/json.c
@@ -25,7 +25,13 @@
 
 
 /**
- * Hash a JSON for binary signing.
+ * Hash a JSON object for binary signing.
+ *
+ * See https://tools.ietf.org/html/draft-rundgren-json-canonicalization-scheme-15
+ * for fun JSON canonicalization problems.  Callers must ensure that
+ * those are avoided in the input. We will use libjanson's "JSON_COMPACT"
+ * encoding for whitespace and "JSON_SORT_KEYS" to canonicalize as best
+ * as we can.
  *
  * @param[in] json some JSON value
  * @param[out] hc resulting hash code
-- 
cgit v1.2.3