[Webpush] Alexey Melnikov's Discuss on draft-ietf-webpush-vapid-03: (with DISCUSS and COMMENT)
Alexey Melnikov <aamelnikov@fastmail.fm> Tue, 01 August 2017 19:55 UTC
Return-Path: <aamelnikov@fastmail.fm>
X-Original-To: webpush@ietf.org
Delivered-To: webpush@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id A2CCB132311; Tue, 1 Aug 2017 12:55:24 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Alexey Melnikov <aamelnikov@fastmail.fm>
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-webpush-vapid@ietf.org, Phil Sorber <sorber@apache.org>, webpush-chairs@ietf.org, sorber@apache.org, webpush@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.58.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <150161732457.12184.5254423236791059887.idtracker@ietfa.amsl.com>
Date: Tue, 01 Aug 2017 12:55:24 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/webpush/I8swdhH2C20Pb9e_HiTb4ObEEHQ>
Subject: [Webpush] Alexey Melnikov's Discuss on draft-ietf-webpush-vapid-03: (with DISCUSS and COMMENT)
X-BeenThere: webpush@ietf.org
X-Mailman-Version: 2.1.22
List-Id: Discussion of potential IETF work on a web push protocol <webpush.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/webpush>, <mailto:webpush-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/webpush/>
List-Post: <mailto:webpush@ietf.org>
List-Help: <mailto:webpush-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/webpush>, <mailto:webpush-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 01 Aug 2017 19:55:25 -0000
Alexey Melnikov has entered the following ballot position for draft-ietf-webpush-vapid-03: Discuss When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-webpush-vapid/ ---------------------------------------------------------------------- DISCUSS: ---------------------------------------------------------------------- The following is a nit, but I think it is important that it gets fixed: In Section 4.1: The example in Figure 3 shows a restriction to the key used in Figure 1. Extra whitespace is added to meet formatting constraints. POST /subscribe/ HTTP/1.1 Host: push.example.net Content-Type: application/webpush-optjons+json;charset=utf-8 Firstly, "optjons" above should be "options". Secondly, the MIME type registration of application/webpush-options+json says that the MIME type has no parameters, yet you use charset above. So which is it? Content-Length: 104 { "vapid": "BA1Hxzyi1RUM1b5wjxsn7nGxAszw2u61m164i3MrAIxH F6YK5h4SDYic-dRuU_RCPCfA5aq9ojSwk5Y2EmClBPs" } ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- In Section 3, 3rd para: This authentication scheme does not require a challenge. Clients are able to generate the Authorization header field without any additional information from a server. Therefore, a challenge for this authentication scheme MUST NOT be sent in a WWW-Authenticate header field. Does this mean that there is no way to discover whether a particular server supports "vapid" HTTP authentication scheme?
- [Webpush] Alexey Melnikov's Discuss on draft-ietf… Alexey Melnikov
- Re: [Webpush] Alexey Melnikov's Discuss on draft-… Phil Sorber
- Re: [Webpush] Alexey Melnikov's Discuss on draft-… Martin Thomson
- Re: [Webpush] Alexey Melnikov's Discuss on draft-… Phil Sorber
- Re: [Webpush] Alexey Melnikov's Discuss on draft-… Alexey Melnikov
- Re: [Webpush] Alexey Melnikov's Discuss on draft-… Phil Sorber
- Re: [Webpush] Alexey Melnikov's Discuss on draft-… Alexey Melnikov