IETF Logo Mail Archive

Re: [Webpush] Alexey Melnikov's Discuss on draft-ietf-webpush-vapid-03: (with DISCUSS and COMMENT)

Phil Sorber <sorber@apache.org> Tue, 01 August 2017 20:34 UTC

Return-Path: <sorber@apache.org>
X-Original-To: webpush@ietfa.amsl.com
Delivered-To: webpush@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BF14D131838 for <webpush@ietfa.amsl.com>; Tue, 1 Aug 2017 13:34:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.421
X-Spam-Level:
X-Spam-Status: No, score=-6.421 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RCVD_IN_SORBS_SPAM=0.5, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1i5fR2IjaHhQ for <webpush@ietfa.amsl.com>; Tue, 1 Aug 2017 13:34:43 -0700 (PDT)
Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by ietfa.amsl.com (Postfix) with SMTP id 9E41C129B40 for <webpush@ietf.org>; Tue, 1 Aug 2017 13:34:43 -0700 (PDT)
Received: (qmail 82071 invoked by uid 99); 1 Aug 2017 20:34:42 -0000
Received: from mail-relay.apache.org (HELO mail-relay.apache.org) (140.211.11.15) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 01 Aug 2017 20:34:42 +0000
Received: from mail-it0-f51.google.com (mail-it0-f51.google.com [209.85.214.51]) by mail-relay.apache.org (ASF Mail Server at mail-relay.apache.org) with ESMTPSA id AA6A81A00A2; Tue, 1 Aug 2017 20:34:42 +0000 (UTC)
Received: by mail-it0-f51.google.com with SMTP id h199so13869280ith.0; Tue, 01 Aug 2017 13:34:42 -0700 (PDT)
X-Gm-Message-State: AIVw111DFx14mgEBk543IZw+inhTlJzEULjaU2MzSGkWjjhZnmcBQHu+ 6M22NaJer7hrhc31xefmvHkMdfwGsg==
X-Received: by 10.36.66.16 with SMTP id i16mr3317392itb.132.1501619681744; Tue, 01 Aug 2017 13:34:41 -0700 (PDT)
MIME-Version: 1.0
References: <150161732457.12184.5254423236791059887.idtracker@ietfa.amsl.com>
In-Reply-To: <150161732457.12184.5254423236791059887.idtracker@ietfa.amsl.com>
From: Phil Sorber <sorber@apache.org>
Date: Tue, 01 Aug 2017 20:34:31 +0000
X-Gmail-Original-Message-ID: <CABF6JR1CBpCHjHYwiOG5PfkdMWKoy2Qp6JOJouM7+nLw1hPMCg@mail.gmail.com>
Message-ID: <CABF6JR1CBpCHjHYwiOG5PfkdMWKoy2Qp6JOJouM7+nLw1hPMCg@mail.gmail.com>
To: Alexey Melnikov <aamelnikov@fastmail.fm>, The IESG <iesg@ietf.org>
Cc: draft-ietf-webpush-vapid@ietf.org, webpush-chairs@ietf.org, webpush@ietf.org
Content-Type: multipart/alternative; boundary="001a1145ee9eb7df430555b7135b"
Archived-At: <https://mailarchive.ietf.org/arch/msg/webpush/4pBL3T0qizL397BuUyOyeVBqNf0>
Subject: Re: [Webpush] Alexey Melnikov's Discuss on draft-ietf-webpush-vapid-03: (with DISCUSS and COMMENT)
X-BeenThere: webpush@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Discussion of potential IETF work on a web push protocol <webpush.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/webpush>, <mailto:webpush-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/webpush/>
List-Post: <mailto:webpush@ietf.org>
List-Help: <mailto:webpush-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/webpush>, <mailto:webpush-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 01 Aug 2017 20:34:46 -0000

For sure the first discuss item has already been addressed in the git repo
[1], and there is also a statement that the JSON is UTF-8 encoded now as
well. I'm not sure that really resolves the second point though. I'll let
the authors address that directly.

Martin, Peter, perhaps this is a good opportunity to push a new draft
before the telechat?

[1]
https://github.com/webpush-wg/webpush-vapid/compare/draft-ietf-webpush-vapid-03...master

On Tue, Aug 1, 2017 at 1:55 PM Alexey Melnikov <aamelnikov@fastmail.fm>
wrote:

> Alexey Melnikov has entered the following ballot position for
> draft-ietf-webpush-vapid-03: Discuss
>
> When responding, please keep the subject line intact and reply to all
> email addresses included in the To and CC lines. (Feel free to cut this
> introductory paragraph, however.)
>
>
> Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
> for more information about IESG DISCUSS and COMMENT positions.
>
>
> The document, along with other ballot positions, can be found here:
> https://datatracker.ietf.org/doc/draft-ietf-webpush-vapid/
>
>
>
> ----------------------------------------------------------------------
> DISCUSS:
> ----------------------------------------------------------------------
>
> The following is a nit, but I think it is important that it gets fixed:
>
> In Section 4.1:
>
>    The example in Figure 3 shows a restriction to the key used in
>    Figure 1.  Extra whitespace is added to meet formatting constraints.
>
>    POST /subscribe/ HTTP/1.1
>    Host: push.example.net
>    Content-Type: application/webpush-optjons+json;charset=utf-8
>
> Firstly, "optjons" above should be "options". Secondly, the MIME type
> registration of application/webpush-options+json says that the MIME type
> has no
> parameters, yet you use charset above. So which is it?
>
>    Content-Length: 104
>
>    { "vapid": "BA1Hxzyi1RUM1b5wjxsn7nGxAszw2u61m164i3MrAIxH
>                F6YK5h4SDYic-dRuU_RCPCfA5aq9ojSwk5Y2EmClBPs" }
>
>
> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
>
> In Section 3, 3rd para:
>
>    This authentication scheme does not require a challenge.  Clients are
>    able to generate the Authorization header field without any
>    additional information from a server.  Therefore, a challenge for
>    this authentication scheme MUST NOT be sent in a WWW-Authenticate
>    header field.
>
> Does this mean that there is no way to discover whether a particular server
> supports "vapid" HTTP authentication scheme?
>
>
>

v2.23.0 | Report a Bug | By Email