[Webpush] Alexey Melnikov's No Objection on draft-ietf-webpush-vapid-03: (with COMMENT)

Alexey Melnikov <aamelnikov@fastmail.fm> Tue, 15 August 2017 17:12 UTC

Return-Path: <aamelnikov@fastmail.fm>
X-Original-To: webpush@ietf.org
Delivered-To: webpush@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id D5A0B13228D; Tue, 15 Aug 2017 10:12:34 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Alexey Melnikov <aamelnikov@fastmail.fm>
To: "The IESG" <iesg@ietf.org>
Cc: draft-ietf-webpush-vapid@ietf.org, Phil Sorber <sorber@apache.org>, webpush-chairs@ietf.org, sorber@apache.org, webpush@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.58.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <150281715482.21106.3346502830630897599.idtracker@ietfa.amsl.com>
Date: Tue, 15 Aug 2017 10:12:34 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/webpush/A-ZvXRVfdtpHg8dRC56uDaWa5J4>
Subject: [Webpush] Alexey Melnikov's No Objection on draft-ietf-webpush-vapid-03: (with COMMENT)
X-BeenThere: webpush@ietf.org
X-Mailman-Version: 2.1.22
List-Id: Discussion of potential IETF work on a web push protocol <webpush.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/webpush>, <mailto:webpush-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/webpush/>
List-Post: <mailto:webpush@ietf.org>
List-Help: <mailto:webpush-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/webpush>, <mailto:webpush-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 15 Aug 2017 17:12:35 -0000

Alexey Melnikov has entered the following ballot position for
draft-ietf-webpush-vapid-03: No Objection

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)


Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.


The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-webpush-vapid/



----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

I have cleared my DISCUSS based on changes in git.

I am looking forward to continuing discussion about advertising support for the
"vapid" authentication scheme in WWW-Authenticate:

In Section 3, 3rd para:

   This authentication scheme does not require a challenge.  Clients are
   able to generate the Authorization header field without any
   additional information from a server.  Therefore, a challenge for
   this authentication scheme MUST NOT be sent in a WWW-Authenticate
   header field.

Does this mean that there is no way to discover whether a particular server
supports "vapid" HTTP authentication scheme?