Provides could reduce the impact of a data leak. Subscription can be limited to a single application server, theĪbility to associate said subscription with the application server To a push service allows the push service to better distinguishĪdditionally, this design also relies on endpoint secrecy as anyĪpplication server in possession of the endpoint is able to send Providing more information about the application server more directly User agents, this is not always efficient or even sufficient. Requests from application servers can be indirectly attributed to Mandatory system for authentication of application servers.Īn unfortunate consequence of this design is that a push service isĮxposed to a greater risk of denial of service attack. That constraint would alsoĭegrade the privacy-preserving properties the protocol provides. The interactions between user agents and application servers, who are To authenticate application servers places an unwanted constraint on Requesting the creation of a subscription for push message receipts To requesting delivery of a push message. The Web Push protocol describes how anĪpplication server is able to request that a push service deliver aĪs a consequence of the expected deployment architecture, there is noīasis for an application server to be known to a push service prior Amendments to Requesting Push Message Delivery. Amendments to Subscribing for Push Messages. The Trust Legal Provisions and are provided without warranty asġ. Include Simplified BSD License text as described in Section 4.e of Code Components extracted from this document must Internet-Draft Self Identification January 2016 Please review these documentsĬarefully, as they describe your rights and restrictions with respect This document is subject to BCP 78 and the IETF Trust's Legal This Internet-Draft will expire on July 8, 2016.Ĭopyright (c) 2016 IETF Trust and the persons identified as the Material or to cite them other than as "work in progress." It is inappropriate to use Internet-Drafts as reference Internet-Drafts are draft documents valid for a maximum of six monthsĪnd may be updated, replaced, or obsoleted by other documents at any Note that other groups may also distribute Internet-Drafts are working documents of the Internet Engineering This Internet-Draft is submitted in full conformance with the
Service can use to contact the operator of the application server. An application server isįurther able include additional information the operator of a push Subscriptions with an application server. Reduce the need for endpoint secrecy by being able to associate That are made by the same application server to a single entity, and Information can be used by the push service to attribute requests Voluntary Application Server Identification for Web Push draft-thomson-webpush-vapid-01Īn application server can voluntarily identify itself to a push
0 kommentar(er)
