Re: [Webpush] Ben Campbell's Yes on draft-ietf-webpush-encryption-08: (with COMMENT)

Martin Thomson <martin.thomson@gmail.com> Thu, 17 August 2017 01:15 UTC

Return-Path: <martin.thomson@gmail.com>
X-Original-To: webpush@ietfa.amsl.com
Delivered-To: webpush@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2D5B1132391; Wed, 16 Aug 2017 18:15:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VLiXVScpAqWU; Wed, 16 Aug 2017 18:15:44 -0700 (PDT)
Received: from mail-it0-x234.google.com (mail-it0-x234.google.com [IPv6:2607:f8b0:4001:c0b::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 99855126DD9; Wed, 16 Aug 2017 18:15:44 -0700 (PDT)
Received: by mail-it0-x234.google.com with SMTP id 76so25089002ith.0; Wed, 16 Aug 2017 18:15:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=KTzSR/dHozgpZTrJUfiHrzTF13S15xpd5M9phG5kM6U=; b=um6r28aS3M1O+3Ky/43fQdDuxcPn62SfZjOBoiPwBS2Pl2SndA40j2Hd+3mlaMZqcJ rZW2Mpvn+iFZBwCKjMMRZCJK3JZ2WR7wI4BL7+dK3F/oYmXz2Uu98XuQ7+raFqyw/9y1 Kqihy49SSy2ZlH7Gn3htGXYjbAyLraOMChunVQOIDu4lLU4OXyePf3c0m1yYX2cLz3eE F6tYFdxAtr6dPL8cVZRuQvd5YH7bu6ITKJgYh5VqFnkl5Faqvm0ATtJxHQpltcVJpneJ 0PfiRm2cVzrO6VkuYe6Cf5iyTILoyW2vUBUZMQmPvEe76ToXn5e6UtYnTBnBBru+qjS8 5www==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=KTzSR/dHozgpZTrJUfiHrzTF13S15xpd5M9phG5kM6U=; b=XHzPC1fPLHSapKC9ccjKhuXgUXs/osuaTp7+EpIy2pMwZgyr/QFWTOSVZn2czVKLs5 +v1v1ONITPar+7KL01H25dOh2uH2sXNoKGe59savtfzLP1Cr2/5ih6CKTIQxT0fPI+l2 MVwATpeWNoCGoMvzWQBn8nflg2hZvBqpABTo3Sfj57rdsMfCBo84SL79f0/nSZugaZil lsx8l6N/WOoEJfNoKZn0DTZ/P1liTFtMEExRIZEgagPtwQIeeROiU2EhHtpt+k1IQxd2 UUehI2pOjHIDlx9uJNqooHWpHy8p7Zyv8XRww5xukgjdt+Xx1JMXolSKHlMbLby282t9 aVaw==
X-Gm-Message-State: AHYfb5gRVn363cJTzpCFoJbfqT84ORU8eFD/rxFZKFJXQqhwwcvTBC0V ULMh/AnGtxCFpVlabAYi321ZUVHYMQ==
X-Received: by 10.36.107.68 with SMTP id v65mr355188itc.129.1502932543825; Wed, 16 Aug 2017 18:15:43 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.107.164.42 with HTTP; Wed, 16 Aug 2017 18:15:43 -0700 (PDT)
In-Reply-To: <57117A3C-41D8-4E89-8F84-C5626569A91A@nostrum.com>
References: <150285392127.12601.16486468628540142046.idtracker@ietfa.amsl.com> <CABkgnnV1MokRJZw=ks5s7iwumDj0AnUy0CVbHCUm_rOifTcJ9g@mail.gmail.com> <C151CD37-F973-4D1D-8918-98C568768048@nostrum.com> <CABkgnnVL-QEgQMqbYP9PKxdZdnvYPKd1xfQSi_YD9iOF+=M1QA@mail.gmail.com> <57117A3C-41D8-4E89-8F84-C5626569A91A@nostrum.com>
From: Martin Thomson <martin.thomson@gmail.com>
Date: Thu, 17 Aug 2017 11:15:43 +1000
Message-ID: <CABkgnnXJ54njQO-4f=Bj8qw_B=xn+c2pH=s5myS2LkZeTq+ATg@mail.gmail.com>
To: Ben Campbell <ben@nostrum.com>
Cc: The IESG <iesg@ietf.org>, draft-ietf-webpush-encryption@ietf.org, Phil Sorber <sorber@apache.org>, webpush-chairs@ietf.org, "webpush@ietf.org" <webpush@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/webpush/ym5k949sLH1PhHtYD5HitbBubu8>
Subject: Re: [Webpush] Ben Campbell's Yes on draft-ietf-webpush-encryption-08: (with COMMENT)
X-BeenThere: webpush@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Discussion of potential IETF work on a web push protocol <webpush.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/webpush>, <mailto:webpush-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/webpush/>
List-Post: <mailto:webpush@ietf.org>
List-Help: <mailto:webpush-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/webpush>, <mailto:webpush-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 17 Aug 2017 01:15:46 -0000

On 17 August 2017 at 11:12, Ben Campbell <ben@nostrum.com>; wrote:
>
>> On Aug 16, 2017, at 7:44 PM, Martin Thomson <martin.thomson@gmail.com>; wrote:
>>
>> On 17 August 2017 at 00:41, Ben Campbell <ben@nostrum.com>; wrote:
>>> Is the shared “central agent” the same as  or part of the “same user agent”? Is it a push server? A shared session with the push server (i.e. a shared push client as part of the UA)?
>>
>> Think common library, daemon process, or system service.
>>
>>> To broaden the question: Is this “central agent” on the usual architecture picture for webpush, or is it something different?
>>
>> It's an implementation detail on the user agent.
>
> Okay, I get it. Am I correct to infer that the only practical impact is this shared agent can wedge in encryption?

Yeah.  Though it turns out to be handy (or annoying, depending on your
perspective).  In webpush, the browser is this agent, and it has some
rather different incentives to the applications themselves.  We're
effectively forcing applications to encrypt.