IETF Logo Mail Archive

Re: [Webpush] Vapid public key

Martin Thomson <martin.thomson@gmail.com> Fri, 25 November 2016 00:22 UTC

Return-Path: <martin.thomson@gmail.com>
X-Original-To: webpush@ietfa.amsl.com
Delivered-To: webpush@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 254ED129D5F for <webpush@ietfa.amsl.com>; Thu, 24 Nov 2016 16:22:53 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jB06UXkZ3SaS for <webpush@ietfa.amsl.com>; Thu, 24 Nov 2016 16:22:51 -0800 (PST)
Received: from mail-qt0-x233.google.com (mail-qt0-x233.google.com [IPv6:2607:f8b0:400d:c0d::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 51CDF129FF5 for <webpush@ietf.org>; Thu, 24 Nov 2016 16:22:49 -0800 (PST)
Received: by mail-qt0-x233.google.com with SMTP id c47so52694523qtc.2 for <webpush@ietf.org>; Thu, 24 Nov 2016 16:22:49 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=l2cLHiY2EFbEnI5hXhTu8se5yKtCWZ0JlPVBMV6YrXM=; b=ylhVqKMC3s6VojupPJ2yVI8WKCyenz+tc7drOBrUNji0LeeS3CmlNyJlfS5fkj6UYt sdUmDs6WJECllHYKgv8BE3iyS95EwjfeZcfLx9I8lJzjt3VXgPAi3iSBZnAePLrQBVex 8bAb9K4F8JPvAOmsRCKHYZyGKDaOzypeqdwQ1hDEIF2Oz2uNaUoxj2H46Igxazm/kwsO nVH6EbV8oDMmFo2UrU6H8JaAsUm6grXNKMaaohIzMQ4bj2t+M1fkauyvliTOAGdLjUQt l1rSjFuv6/qnOVwc5bbeQOxBvPpVVjH+KMCY/LlMOGVuOl7dhhyNYtgcxSEm/YVoBoqO 4a9Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=l2cLHiY2EFbEnI5hXhTu8se5yKtCWZ0JlPVBMV6YrXM=; b=UMzYehmzY0k7OQAd7Ogu/HP+RC6y+jNC6/oR1n+W4wTgr0/aRrIz2Bnibi13Z6wtqg 7NnEWQ2pSuSEJVe97fPpf/9TWqSjVTpPZeCGyesqsibimupUV4R55qyLzddaDnLIigyq 4x56lw2qy0T2erkdKBxdDNyR4iBoGc2REmp4VqdXswwt8rbRPxgB0bgtGSS8e+f51I/u DXriFN/lhXYOjcqN2wQmCNTDTdTRwGDltPefFEewZs/+e+iWXQY+gcbyP5cQtnYfleJX rlH0uLEhmDWry2JEJYK/TAQN+NBdWTrMuk+3zSfJZaS5KJ7K/lBCCDDjXKpZYi3eZy35 ruRQ==
X-Gm-Message-State: AKaTC00BaZWCWE+qCrn0lO8F/Cei8DdGR7tWr1mTKEQgnMGaox88NlnC3RWM3ONzpAKYpvX5tE/jlUx1HYn8fQ==
X-Received: by 10.200.46.249 with SMTP id i54mr4256813qta.13.1480033368291; Thu, 24 Nov 2016 16:22:48 -0800 (PST)
MIME-Version: 1.0
Received: by 10.140.85.101 with HTTP; Thu, 24 Nov 2016 16:22:47 -0800 (PST)
In-Reply-To: <bc48f6ec-41ef-f4b5-79c9-9f239b250946@mozilla.com>
References: <CABkgnnVKd+kAZPD5KirF7NaGMDBSpaO6FR3yE8d+c3ge3-He3w@mail.gmail.com> <CAP8-FqmBUHd5up7Jfo+veFWvL22XiPwGGXNnOW6rm7nxeESU_g@mail.gmail.com> <CABkgnnX4aAjnZyu3morJOLatuuj9k4NSoTpoNtF7YjtRUFQOnQ@mail.gmail.com> <CAP8-Fq=Zd66ZhWm+gYesOpc2NZ-YBpy2+bHdr6O+h1KG2s16uw@mail.gmail.com> <CABkgnnX8bmzsmx0EGJ8h5R4k4i=3KBaLXucekyv98PTz01f9fw@mail.gmail.com> <CABkgnnVvVHMFrbJYgF9GZEumDhvM_kHBf30TdHWxzSzpX1_CTw@mail.gmail.com> <CAP8-Fqn3ji66Ox3dEj_SifEpxgmYZrLWoyYy36PUS0o6eTLZrw@mail.gmail.com> <CABkgnnVaekCff2rxz2CWG9M+s=ud2k7J6ca_bLZRvwF5vZdAww@mail.gmail.com> <CAP8-Fqn3z=y6chng+0XruesET4VbCqbkcMuPT2GCx_wiOQs6sg@mail.gmail.com> <b5c5817e-1ac4-84d4-6a69-2962e08de6ab@mozilla.com> <CAP8-Fq=+AU+hNXL3Htg7w-Sv0_yqMk5dGA+GBg2JO8BZiKAPCQ@mail.gmail.com> <bc48f6ec-41ef-f4b5-79c9-9f239b250946@mozilla.com>
From: Martin Thomson <martin.thomson@gmail.com>
Date: Fri, 25 Nov 2016 11:22:47 +1100
Message-ID: <CABkgnnXGbZtQ8m6n+RJJRTbr8Eetua2+0ZQmFExCQYhtST-bSw@mail.gmail.com>
To: jr conlin <jconlin@mozilla.com>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/webpush/Ls89E4GNs8NEus6q951f1bXwkPY>
Cc: Costin Manolache <costin@gmail.com>, "webpush@ietf.org" <webpush@ietf.org>, Peter Beverloo <beverloo@google.com>
Subject: Re: [Webpush] Vapid public key
X-BeenThere: webpush@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Discussion of potential IETF work on a web push protocol <webpush.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/webpush>, <mailto:webpush-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/webpush/>
List-Post: <mailto:webpush@ietf.org>
List-Help: <mailto:webpush-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/webpush>, <mailto:webpush-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 25 Nov 2016 00:22:53 -0000

I think that we should discuss this over on the W3C side:
Opened: https://github.com/w3c/push-api/issues/226

On 22 November 2016 at 10:53, jr conlin <jconlin@mozilla.com> wrote:
> Ah, ok, my apologies.
>
> Summing up my understanding:
>
> * Yes, having the UA pass the public key string to the push server would be
> the easiest for the developer. "Ok, here's a key, you deal with it." There
> would need to be some effort on either the UA or the Push Service to verify
> that the string is a valid key set, but I believe you're specifying that. As
> I understand, a provided public key that is determined as being invalid
> whether by the UA or PS, would return an error to the application.
>
> * How that key is passed in to the UA is a point of discussion. It could be
> provided as part of the static page content provided by the subscription
> request page, it could be provided via a secondary delivery mechanism (e.g.
> included as part of a secondary script), it could be fetched by the
> application out of a well known URL (be it "/.well-known", via the app
> manifest, or "bobs-discount-public-key-goes-here.js") I'm less inclined to
> make this bit part of the formal spec so much as offering guidance for how
> app developers could do this. Various 3rd party sites, hosting sites, or
> library authors may have differing opinions based on experience and
> restrictions.
>
> * I should not read spec changes over the weekend.
>
> Does this properly sum up the changes?
>
> (Again, my apologies if I seem dense)
>
>
> On 11/21/2016 3:36 PM, Costin Manolache wrote:
>
> On Mon, Nov 21, 2016 at 9:51 AM jr conlin <jconlin@mozilla.com> wrote:
>>
>> FWIW, I'm really not a fan of having an extra data path for things like
>> this. More paths mean more things that folks can screw up or not be able to
>> implement for various reasons.
>
>
>>
>> I think it's HIGHLY reasonable to ask that for a given restricted update,
>> the Application that is making the request include a public key for the
>> VAPID spec. The application could pull it from where ever, hard code it, or
>> whatever makes most sense to the Application developer team (and the
>> corresponding Subscription Update service provider).
>>
>> Things aren't exactly easy now, making them harder just means that less
>> folks will be able to do it.
>
>
> My goal was to make it easier - in particular in cases where it's easy to
> screw up. If a developer has a test key and
> a production key ( which is a good idea - you want the prod private key well
> protected, and dev/testing be done with
> a different key ), it would be easier to have a different pub key file
> rather than different .js file or extra complexity/if
>
> It is a bit more work for the UA - but not much more.
>
>>
>>
>>
>> On 11/20/2016 8:01 PM, Costin Manolache wrote:
>>
>> On Sun, Nov 20, 2016 at 5:32 PM Martin Thomson <martin.thomson@gmail.com>
>> wrote:
>>>
>>> On 20 November 2016 at 02:53, Costin Manolache <costin@gmail.com> wrote:
>>> > One more small suggestion: one of the pain points ( for me ) is the W3C
>>> > subscribe taking the
>>> > vapid pubkey as bytes instead of a string, and having to include the
>>> > key in
>>> > .js files as a constant.
>>>
>>> Your suggestion being that we define a base64url parser.  You can
>>> include the key in the form Uint8Array.from([4, 5, 6, 6, ...]);  It's
>>>
>>> bigger and you have to work itI"m a out once, but it saves shipping a
>>> converter.
>>
>>
>> Not really - the UA will need to take the uint8[] and convert it to b64 -
>> since that's what
>> the push service expects. AFAIK the UA has no use with the vapid public
>> key in current
>> protocol (except pass it along in subscribe) - we do not pass the
>> Authorization header
>> from push service to UA
>>
>>
>> I'm a bit confused here. If you use most key generation tools like
>> $ openssl ecparam -name prime256v1 -genkey -noout -out vapid_private.pem
>> $ openssl ec -in vapid_private.pem -pubout -out vapid_public.pem
>> $ grep -v "^-" vapid_public.pe
>> that dumps a b64 string the user can easily work with. Is the suggestion
>> that we ask users to convert to binary themselves? That may reduce the need
>> for base64 in the UA, but means that developers will need to add one.
>> Considering the fun that happened with "lpad" not too long ago, I'm a bit
>> concerned about the frustration that may come with that.
>
>
> My suggestion is to _not_ ask the users to convert to binary ( or array of
> decimals ) themselves - that's what the
> current W3C API requires. I'll file the bug when I return (if Peter or
> someone else doesn't beat me to it :-).
>
> And as currently defined, the browser will need to take the Uint8array and
> b64 encode it before calling the
> webpush /subscribe. I think it would be better if W3C subscribe would take a
> string, and just pass it to the push
> service with no conversions - and let the pushservice deal with it.
> It would also be more future proof.
>
>
>>
>>
>>
>>>
>>>
>>> Either way, this is probably something to take here:
>>> https://github.com/w3c/push-api/issues
>>>
>>> > Would it be possible to define a .well-known/vapid/... file where the
>>> > public
>>> > key can be saved ?
>>> > This may simplify tools, testing ( test env may use test sender keys),
>>> > etc.
>>> > One problem is that
>>> > .well-known is at root - so either have
>>> > /.well-known/vapid/ENCODED_SW_URL.pub or
>>> > have a less standard .well-known/ in the same directory with the SW.
>>>
>>> Now that we are considering removal of Crypto-Key (I'm about to send
>>> out drafts with that change), I need to work out how to push the keys
>>> along with the registration.  I don't think that using .well-known
>>> will give us the right binding to the subscription request though.
>>>
>>> Maybe I don't understand the proposal, though.  Can you walk through
>>> how a client would use this?
>>
>>
>> If client calls subscribe() - the UA will look for .well-known/vapid.pub
>> and pass it
>> in the /subscribe request to the push service.
>>
>> ... So the subscription provider will have to be able to create and
>> maintain a discrete path, the UA will need to make an extra successful data
>> call, just to provide a string that is for public consumption?
>
>
> subscribe is not a very frequent event - and a page requires plenty of
> fetches.
> The convenience to just copy a file - instead of editing a JS file - may or
> may not be worth it,
> I'm not feeling very strongly about it.
>
>
>>
>>
>>
>> If client calls subscribe( Uint8Array ) - UA will use the explicit key.
>>
>> Again, bit confused here. Granted, the UA's subscribe() function can do
>> whatever it wants once it has the public key. How the server actually enacts
>> the subscription restriction is irrelevant to both the UA and the
>> Subscription provider.
>>
>> The UA can also accept a key in several different formats by doing simple
>> tests. Likewise, how the Application acquires the key is really up to the
>> Application.
>
>
> Agreed. UA can also just pass it to push service, and let the push service
> decide how to interpret it.
>
>
>>
>> I'm seeing this more as "suggested practices" and "platform features"
>> rather than part of the specification.
>
>
>>
>> It is a bit simpler to just copy the key in a defined location - in
>> particular if you have
>> multiple environments. It is possible to do it in code too ( using the URL
>> to decide
>> which key to use ). Some people may also like the more declarative
>> approach.
>>
>> Huh, I'd argue that it may not always be possible. Some small vendor
>> platforms may not offer access to directories like "/.well-known" (e.g. if
>> you're working with classical Apache, you may be forced to root under
>> "/username/...", or some platforms may prohibit the use of leading "."
>> because of poor path management. I've had to deal with both in the past.
>>
>> Hopefully, I'm must misunderstanding the proposal again.
>
>
> My concern was to make it easier for developers to specify the public key.
> The '.well-known' was just one idea, keeping the manifest or using a
> relative path to SW, or anything else
> is fine too.
>
> Costin
>
>>
>>
>>
>>
>> Not a big deal - but I think it would be nice.
>>
>> Re. Crypto-Key: my understanding was that there are use cases for it, as a
>> way to
>> distribute keys, as discussed in the other thread. Subscribe needs some
>> header
>> ( or query param ?) to pass the authorized entity to the push service. We
>> just
>> don't need it for authorization or encrypted body.
>>
>> Costin
>>
>>
>

v2.23.0 | Report a Bug | By Email