On 2023-10-13, at 01:01, Orie Steele <orie@transmute.industries> wrote: > > scenarios where an attacker can exploit a vulnerable json parser,
Do not use a vulnerable JSON parser, then. (One of the main motivations for a standards-based representation format is that you get access to debugged implementations of those. Like with crypto, don’t roll your own.) Grüße, Carsten _______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth