Re: [Webpush] Use Case related to subscription sets

Hervé Ruellan <herve.ruellan@crf.canon.fr> Mon, 23 November 2015 09:56 UTC

Return-Path: <Herve.Ruellan@crf.canon.fr>
X-Original-To: webpush@ietfa.amsl.com
Delivered-To: webpush@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4C2591A701C for <webpush@ietfa.amsl.com>; Mon, 23 Nov 2015 01:56:34 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.636
X-Spam-Level:
X-Spam-Status: No, score=-0.636 tagged_above=-999 required=5 tests=[BAYES_20=-0.001, HELO_EQ_FR=0.35, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_LOW=-0.7, RP_MATCHES_RCVD=-0.585] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Spr5hSRBW6RB for <webpush@ietfa.amsl.com>; Mon, 23 Nov 2015 01:56:33 -0800 (PST)
Received: from inari-msr.crf.canon.fr (inari-msr.crf.canon.fr [194.2.158.67]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C6AF81A701A for <webpush@ietf.org>; Mon, 23 Nov 2015 01:56:32 -0800 (PST)
Received: from mir-msr.corp.crf.canon.fr (mir-msr.corp.crf.canon.fr [172.19.77.98]) by inari-msr.crf.canon.fr (8.13.8/8.13.8) with ESMTP id tAN9uUUA028877; Mon, 23 Nov 2015 10:56:30 +0100
Received: from Antiope.crf.canon.fr (antiope.fesl2.crf.canon.fr [172.19.70.56]) by mir-msr.corp.crf.canon.fr (8.13.8/8.13.8) with ESMTP id tAN9uUXn002402; Mon, 23 Nov 2015 10:56:30 +0100
Received: from timor.intra-usr.crf.canon.fr (172.20.7.3) by Antiope.crf.canon.fr (172.19.70.62) with Microsoft SMTP Server (TLS) id 15.0.995.29; Mon, 23 Nov 2015 10:56:29 +0100
From: =?UTF-8?Q?Herv=c3=a9_Ruellan?= <herve.ruellan@crf.canon.fr>
To: Brian Raymor <brian.raymor@microsoft.com>
References: <564C50B7.7070505@crf.canon.fr> <CABp8EuLXNQWmc0mnt-m_vBQhPuhhef5GDgbrZdyM8TKUZv+GxQ@mail.gmail.com> <564EF895.4020200@crf.canon.fr> <CABp8Eu+OsXiEAsxOQpV_O-bF2o21upbJ14x8bCO=Y9TfgXOw2A@mail.gmail.com> <BY2PR0301MB06474FB76B480F37957A531A831A0@BY2PR0301MB0647.namprd03.prod.outlook.com>
Message-ID: <5652E2CD.8090709@crf.canon.fr>
Date: Mon, 23 Nov 2015 10:56:29 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.3.0
MIME-Version: 1.0
In-Reply-To: <BY2PR0301MB06474FB76B480F37957A531A831A0@BY2PR0301MB0647.namprd03.prod.outlook.com>
Content-Type: text/plain; charset="utf-8"; format=flowed
Content-Transfer-Encoding: 8bit
X-Originating-IP: [172.20.7.3]
X-ClientProxiedBy: Antiope.crf.canon.fr (172.19.70.62) To Antiope.crf.canon.fr (172.19.70.62)
Archived-At: <http://mailarchive.ietf.org/arch/msg/webpush/cxkYjwtk-D_K7ULt6Yew7_utyTY>
Cc: Benjamin Bangert <bbangert@mozilla.com>, "webpush@ietf.org" <webpush@ietf.org>
Subject: Re: [Webpush] Use Case related to subscription sets
X-BeenThere: webpush@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Discussion of potential IETF work on a web push protocol <webpush.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/webpush>, <mailto:webpush-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/webpush/>
List-Post: <mailto:webpush@ietf.org>
List-Help: <mailto:webpush-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/webpush>, <mailto:webpush-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 23 Nov 2015 09:56:34 -0000

On 20/11/15 18:49, Brian Raymor wrote:
>
> On Fri, Nov 20, 2015 at 8:43 AM, Benjamin Bangert
> <bbangert@mozilla.com> wrote:
> > Since most push servers, as far as I know, will be using SSL, I
> don't know how a proxy could even function
> > since it would need to MITM the secured connection which is
> obviously not good.
>
> The mobile phone ("proxy") acts as the user agent in this case with a
> HTTPS connection to the push service. A different protocol than HTTP
> may be required between phone and the camera. Sounds similar to a
> field gateway scenario?

Yes, the HTTPS connection is between the mobile phone and the push 
server. And another protocol is used between the camera and the phone.

> > Either way, this situation and use-case seems accounted for by the
> spec as it is, since those wishing to handle
> > this scenario may run their own Push Server without a low concurrent
> stream max, and unsecured so that a
> > proxy may function.
>
> Regarding "unsecured", Section 9 requires HTTPS - This protocol MUST
> use HTTP over TLS [RFC2818].

For our scenario, we would like to be able to use a generic push server. 
I agree that the spec supports the use-case, but we would also like the 
implementations to support the use-case.
A short mention of the use-case in the spec would be really helpful. The 
consequences for an implementation would be to allow a user agent to 
create a *few* subscription sets, and not limit it to *1*, and also to 
allow a user agent to open a *few* streams to subscription resources.

Hervé