From 8bb3f329a2eb177538e8045d7deb15819e00f686 Mon Sep 17 00:00:00 2001 From: Tony Garnock-Jones Date: Sun, 12 Jun 2022 09:26:47 +0200 Subject: [PATCH] Adjust language around overlong varint encodings --- preserves-binary.md | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/preserves-binary.md b/preserves-binary.md index 4047048..d7dc987 100644 --- a/preserves-binary.md +++ b/preserves-binary.md @@ -64,19 +64,17 @@ The following table illustrates varint-encoding. | 300 | `0000010 0101100` | 2 172 | | 1000000000 | `0000011 1011100 1101011 0010100 0000000` | 3 92 107 20 128 | -There is no requirement that a varint-encoded `m` in a `Repr` be the unique shortest encoding -for that `m`.[^overlong-varint] However, implementations *SHOULD* use the shortest encoding -whereever possible when writing, and *SHOULD* reject excessively long encodings when reading -encoded values.[^excessively-long-varint] +There is no requirement that a varint-encoded `m` in a `Repr` be the +unique shortest encoding for that `m`.[^overlong-varint] However, +implementations *SHOULD* use the shortest encoding whereever possible +when writing, and *MAY* reject encodings with more than eight leading +`0` bytes when reading encoded values. [^overlong-varint]: **Implementation note.** The spec permits overlong length encodings to reduce wasted activity in resource-constrained situations. If an implementation is in anything other than a very low-level language, it is likely to be able to use [IOList](./conventions.html#iolists)-style data structures to avoid unnecessary copying. - [^excessively-long-varint]: As a guideline, reject more than eight leading `0` bytes in a - varint. - ### Records, Sequences, Sets and Dictionaries. «» = [0xA7] ++ seq(«L», «F_1», ..., «F_m») 
@@ -206,8 +204,11 @@ an empty sequence annotated with two symbols, `a` and `b`, is annotations are skipped, an endless sequence of annotations may give an illusion of progress. -**Overlong varints.** The binary format allows (but discourages) overlong [varint](#varint)s. -Consider optional restrictions on the number of redundant leading `0` bytes accepted when +**Overlong varints.** The binary format allows (but discourages) +overlong [varint](#varint)s. Because every `Repr` has a bound on its +length from its surrounding context, this is not a denial-of-service +vector *per se*; however, implementations may wish to consider optional +restrictions on the number of redundant leading `0` bytes accepted when reading a varint. **Canonical form for cryptographic hashing and signing.** No canonical
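Review bot: In the first hunk (the `@@ -64,19` region) the reworded paragraph still carries the typo "whereever"; since the line is being rewritten anyway, change it to "wherever". Also, the threshold that used to live in the deleted footnote `[^excessively-long-varint]` ("reject more than eight leading `0` bytes") has moved into the normative sentence as `*MAY* reject encodings with more than eight leading `0` bytes`, while the second hunk talks about "the number of redundant leading `0` bytes"; the two passages should use one phrasing for the same quantity so readers can tell whether "eight leading `0` bytes" is the same limit the later section leaves open-ended.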
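Review bot: In the second hunk (the `@@ -206,8` region) the new justification "Because every `Repr` has a bound on its length from its surrounding context, this is not a denial-of-service vector *per se*" does not say what bounds a `Repr` that has no surrounding context, such as a top-level value read from a stream; as written it reads as an unconditional claim. Suggest either stating where the outer bound comes from in that case or softening to something like "Where an enclosing `Repr` bounds the length, overlong varints are not a denial-of-service vector by themselves", and keeping the recommendation to consider a limit on redundant leading `0` bytes, which this hunk already preserves.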