Re: [Webpush] Major change to encryption
Martin Thomson <martin.thomson@gmail.com> Wed, 02 November 2016 04:25 UTC
Return-Path: <martin.thomson@gmail.com>
X-Original-To: webpush@ietfa.amsl.com
Delivered-To: webpush@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B3364129551 for <webpush@ietfa.amsl.com>; Tue, 1 Nov 2016 21:25:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3pnQLqH72ZiC for <webpush@ietfa.amsl.com>; Tue, 1 Nov 2016 21:25:44 -0700 (PDT)
Received: from mail-qk0-x22d.google.com (mail-qk0-x22d.google.com [IPv6:2607:f8b0:400d:c09::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5A6D71293EE for <webpush@ietf.org>; Tue, 1 Nov 2016 21:25:44 -0700 (PDT)
Received: by mail-qk0-x22d.google.com with SMTP id x190so3236128qkb.0 for <webpush@ietf.org>; Tue, 01 Nov 2016 21:25:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=Yw7uvpGjLK/pP+Rpun5IipB+6ZRpk5QglGZd/nKIhI8=; b=Z6o0wvwkQfZhTc6naElA6SlLmZCmbBG3mTSjARU4XdwDf6iunlR1Uw0tT2pEW427mC JtjF3mYZwGhw6W9k9C8tVae/YdSkIo3jeP5s0i5823zg0fiC/7Kbz2YIF7B8hsNN68YM n3SjYrbxVjCB3zBTRy4P9sKHC0UQrTrZx6garcoguf7fnaWcufLTas8aAXXMlEexcQts T4e0oQ1rP7mpTTdAN0on5WDy8NZPKRD6xoNshhDSWlDOx1Q+UpGEH7I+6NpUTz5nsyxU Oi7p3qArM70nrRKZPqdE2RsquYjbYm4JS82w3FmFzptOT6nyamUnJ1K0jPNk0Ff6kJR5 A2BQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=Yw7uvpGjLK/pP+Rpun5IipB+6ZRpk5QglGZd/nKIhI8=; b=X44FV+6msVcAGf+VlXhIOPIadQgZR1ExZwG2X2rFsnMiRxPiQeWLkjnp2ZT3ZDRW7C F1399391fDTiu6Ri6JMYXXkVYrcMg8VIuDGEhyUO4LHNoWkpn6PxjnuoS7NDS6CXQ7dm wY25QZRalACWZgeuNswzrnPpw9T+teU74lg28BP63zAu9xdtghA2Z7VHA6sVOuy8n1iR siOdMQO3kPIVCIBG1cwL/KdI4CbEay+F2B2H21QkKmAvAbozbphejJ7RtetBPIB0jNYH r+G3TEv2SvsdGz6fA/lOs8c3SJZJYqOLMbU+RWL8nMRTZXC1AUGyfouYWDShKJsZR4Xf Q6Vw==
X-Gm-Message-State: ABUngve/Yj1ZxXJK1THZ3Nj0X3nZC2Igv2tABy66dA4h+kuw4e7n62eZgU1OPK6BB3jaVYXzYElCTDsNyAZvgA==
X-Received: by 10.55.158.199 with SMTP id h190mr1486197qke.202.1478060743559; Tue, 01 Nov 2016 21:25:43 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.140.85.7 with HTTP; Tue, 1 Nov 2016 21:25:42 -0700 (PDT)
In-Reply-To: <CA+XEteO0DeT4VEVArWwzR_6n-e2EA5dcsjG_Sqmc2Hwgqp6y6A@mail.gmail.com>
References: <CABkgnnUiLBOGQ6fSTiLcxn_RKbEHFYHzCAv3OMg_btETfKjRGA@mail.gmail.com> <da15e3e3-9d20-7e2c-eceb-d369a3529226@mozilla.com> <CABkgnnVeGAtADwvf_FWKvNDpAtKNVvWpiFAr-LPf47hgHSqiag@mail.gmail.com> <f6bb7ff3-1d6c-3b8c-b956-aaa0c046fd3a@mozilla.com> <CABkgnnUzR747r3VC1DLTqnZJwPvkAoH-SbB+y7-UY0i1Z+fX3A@mail.gmail.com> <CALt3x6nS2+LG6aZPEZL5wPA_c00pCjZ5WswcFqty35weut2rOw@mail.gmail.com> <CABkgnnUSou5xroNP5dppHJOCydErzKm4c6_Z2tw1w2hLhqb6Bg@mail.gmail.com> <CAP8-Fqn7siP7JuguZHipHHsc6Hj7dfai3u3hS8MpjLJOCWqerA@mail.gmail.com> <84f3da33-a9a4-1bbc-f290-e283cec07c22@mozilla.com> <CAP8-Fqk+suz9YpFKbdTa42nUfknWfPH-M017UjRjV2oLxUZKjQ@mail.gmail.com> <CABkgnnW3LK5Gvj=05QFrUktZhHEvwS-dkLE3BE_1iaSoMizUdg@mail.gmail.com> <CA+XEteO0DeT4VEVArWwzR_6n-e2EA5dcsjG_Sqmc2Hwgqp6y6A@mail.gmail.com>
From: Martin Thomson <martin.thomson@gmail.com>
Date: Wed, 02 Nov 2016 15:25:42 +1100
Message-ID: <CABkgnnUUJk7RJsKz_JC0W9XoPxtFEq3vYO+et6b1U5Z9uopq9g@mail.gmail.com>
To: JR Conlin <jrconlin@mozilla.com>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/webpush/cmOYG3gVRHtPfjHiJsDjAzcfh0E>
Cc: Costin Manolache <costin@gmail.com>, "webpush@ietf.org" <webpush@ietf.org>, Peter Beverloo <beverloo@google.com>
Subject: Re: [Webpush] Major change to encryption
X-BeenThere: webpush@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Discussion of potential IETF work on a web push protocol <webpush.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/webpush>, <mailto:webpush-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/webpush/>
List-Post: <mailto:webpush@ietf.org>
List-Help: <mailto:webpush-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/webpush>, <mailto:webpush-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 02 Nov 2016 04:25:46 -0000
On 2 November 2016 at 15:02, JR Conlin <jconlin@mozilla.com> wrote: > I'm a bit confused about that. For "native" networks, push servers have > pretty wide tolerances for how much data that they can send over their > pipes. Going between services, I can definitely understand, since you're > held to the limits of the provider system. (APNs limits to about 2K, so > users are kinda screwed worse.) Of course, with "bridged" systems like > those, you still have to deal with the host system, so "headers" aren't > free. You still have to encode the data into the body of the message in some > fashion, which eats into the available amount. > > Worst of all, is that those bridged systems are also unreliable for hosts of > reasons and then you're re-implementing TCP with one hand tied behind your > back. > > Granted, I've got a pretty limited viewpoint, so I'm sure I'm missing > something obvious. If you intend to implement this over APNS, then you are stuck, I agree. Unless you fragment (and reassembly is ugly). In the end, the point is to create a consistent experience for users of the API, we need to pick a point that works. Currently, the keys go into the "overhead" bucket: stuff that the push service has to wear above the 4k message size. Moving the key into the message is just moving things around, but it does mean that users of the API get even less space to play with than before. I guess you could say that we're stealing 21 octets already, why not make it 85?
- [Webpush] Major change to encryption Martin Thomson
- Re: [Webpush] Major change to encryption Costin Manolache
- Re: [Webpush] Major change to encryption jr conlin
- Re: [Webpush] Major change to encryption Martin Thomson
- Re: [Webpush] Major change to encryption jr conlin
- Re: [Webpush] Major change to encryption Martin Thomson
- Re: [Webpush] Major change to encryption Peter Beverloo
- Re: [Webpush] Major change to encryption Peter Beverloo
- Re: [Webpush] Major change to encryption Martin Thomson
- Re: [Webpush] Major change to encryption Costin Manolache
- Re: [Webpush] Major change to encryption Costin Manolache
- Re: [Webpush] Major change to encryption jr conlin
- Re: [Webpush] Major change to encryption Costin Manolache
- Re: [Webpush] Major change to encryption Martin Thomson
- Re: [Webpush] Major change to encryption JR Conlin
- Re: [Webpush] Major change to encryption Martin Thomson
- Re: [Webpush] Major change to encryption Costin Manolache
- Re: [Webpush] Major change to encryption Costin Manolache
- Re: [Webpush] Major change to encryption Martin Thomson