IETF Logo Mail Archive

Re: [Webpush] Receipt subscription follow-up

Costin Manolache <costin@gmail.com> Tue, 26 April 2016 04:47 UTC

Return-Path: <costin@gmail.com>
X-Original-To: webpush@ietfa.amsl.com
Delivered-To: webpush@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B894712B03D for <webpush@ietfa.amsl.com>; Mon, 25 Apr 2016 21:47:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DY2PwZz91AVl for <webpush@ietfa.amsl.com>; Mon, 25 Apr 2016 21:47:41 -0700 (PDT)
Received: from mail-io0-x22b.google.com (mail-io0-x22b.google.com [IPv6:2607:f8b0:4001:c06::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 414BA12D0C0 for <webpush@ietf.org>; Mon, 25 Apr 2016 21:47:40 -0700 (PDT)
Received: by mail-io0-x22b.google.com with SMTP id u185so6518361iod.3 for <webpush@ietf.org>; Mon, 25 Apr 2016 21:47:40 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:references:in-reply-to:from:date:message-id:subject:to; bh=oGB8vZ+RgIvcOF5RHzAxSx8xVQ9QRX8YYuMZfZznr6M=; b=tc1N75tEdJcKe7/AHgNNGQtziV00iihrstpleECoxOWLJ00KuanFiXnzGVQNdekmvB 51zOIU/1+R7MNLSKdtxJhBF0sZ0AvBFioa/SJTIX2tRCL4iJzTwAcCCo3NsjxQtl3XIu zw44ekNdaoXnoHgA6ImLsMJNVfXf2VWz2v5di2sf7RelyLJV1T7NKf1UbkFInX8iGEKB +vORzQSE9fT4014Sgi4krdJpOCfpTFGIiLfeImCOT4XyraUROi4KFr7CNTt5b8+a06MN TAyqMUwflyajDadkKWlBoBSLb8Dn09AEChLVWQKiJ6gUNlN99tVxGlpCpm4YD3kEFWTw 3Lsg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to; bh=oGB8vZ+RgIvcOF5RHzAxSx8xVQ9QRX8YYuMZfZznr6M=; b=Gzi96uELHrTMfFdDjYMmqqdC+QeIsLcQpJqFtnZ6ELiUsr6lfKRKUKgKaxxXYMC5tp bID4Hxh2l4hnY67ztDLVl4J3ixYIz1RVgpefS5Y7x64zHH6ZkYsNpMwNpX5etByf7SJ7 vzHxiPLSysvzd7Ju/g4mfajU9VbUZqyyR5Jt1vcc73y5/7mueZLJh/mvgg14wgc/+noz 2K8toVsc1B9c7OHHmS1mGM1Dq3o5FcHVPx46oiIJ+iTCErd6DexuQD9TTUCkCJDnNL4h Nsg6F/Fg/rspoAS1YVw/6skLzVsUzXLAiyTR0ngQNb98iT9Q3BpotUTXXZ02glzWfeAB Qkeg==
X-Gm-Message-State: AOPr4FUUJb8VvBGNUPnqgZtv9Bfhqu2wI8iBxc0GJeILcqtCrycFuoBwHeoBQJXNNOwOK8KBeVK3gjnkfJ89+g==
X-Received: by 10.107.175.227 with SMTP id p96mr1031576ioo.72.1461646060048; Mon, 25 Apr 2016 21:47:40 -0700 (PDT)
MIME-Version: 1.0
References: <CABkgnnXKDZvLWxkhFP0R4jW=ZyFwqiqQREFA5BFKH9i4PQCmyA@mail.gmail.com>
In-Reply-To: <CABkgnnXKDZvLWxkhFP0R4jW=ZyFwqiqQREFA5BFKH9i4PQCmyA@mail.gmail.com>
From: Costin Manolache <costin@gmail.com>
Date: Tue, 26 Apr 2016 04:47:30 +0000
Message-ID: <CAP8-Fq=Oi_kGebcRsyHYQdXWwLxFQxFwR=jeOyKS-+vW7eE=0w@mail.gmail.com>
To: Martin Thomson <martin.thomson@gmail.com>, "webpush@ietf.org" <webpush@ietf.org>
Content-Type: multipart/alternative; boundary=001a11445f5a3254f105315bfeb6
Archived-At: <http://mailarchive.ietf.org/arch/msg/webpush/pvCLX6IVcduNBFl-dc1FE6gjr5g>
Subject: Re: [Webpush] Receipt subscription follow-up
X-BeenThere: webpush@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Discussion of potential IETF work on a web push protocol <webpush.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/webpush>, <mailto:webpush-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/webpush/>
List-Post: <mailto:webpush@ietf.org>
List-Help: <mailto:webpush-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/webpush>, <mailto:webpush-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 26 Apr 2016 04:47:42 -0000

Seems reasonable - but it should be optional if an App Server is using
VAPID,
since the push service can simply use the VAPID public key, and it
simplifies the
AS logic.

Even if a PS doesn't require VAPID - it can still use a derivative of the
public key
in the receipt URL.

Costin



On Mon, Apr 25, 2016 at 5:02 PM Martin Thomson <martin.thomson@gmail.com>
wrote:

> Not wanting to steal, Brian's thunder here, but this is the change we
> discussed during the meeting:
>
>   https://github.com/webpush-wg/webpush-protocol/pull/84
>
> It's good stuff, but there's a small wrinkle I thought that I'd raise:
> https://github.com/webpush-wg/webpush-protocol/issues/85
>
> In short, Brian's proposed changes to receipts are good, but we need
> to be clear about how an application server might choose to send a
> receipt subscription obtained from one push in subsequent pushes.
>
> I propose using origin (scheme+host+port).  If they are the same, then
> a receipt subscription obtained from one push can be used with any
> other push to the same origin.  The server is required to understand
> these subscriptions (or not raise any errors if it can't).
>
> _______________________________________________
> Webpush mailing list
> Webpush@ietf.org
> https://www.ietf.org/mailman/listinfo/webpush
>

v2.8.7 | Report a Bug | By Email