- From: JR Conlin <notifications@github.com>
- Date: Wed, 19 Apr 2017 18:30:56 -0700
- To: w3c/push-api <push-api@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Thursday, 20 April 2017 01:31:41 UTC
Recently, a bug filed against a webpush subscription library highlighted a shortcoming. https://github.com/web-push-libs/web-push-php/issues/48#issuecomment-295416292 Currently, there are two in production encryption encoding types, "aesgcm" and "aes128gcm". The "voice of authority" about what types of accepted content types is the UA. The sorts of allowed encryption is not communicated to the subscription update provider. I would like to propose that the returned [PublishSubscription](https://developer.mozilla.org/en-US/docs/Web/API/PushSubscription) object `options` object be modified to include a "encodingtypes" list of allowed ECE encoding types. (e.g. `["aesgcm", "aes128gcm"]`) This method would also allow future content types to be relayed. If no "encodingtypes" field is present, then the provider must assume "aesgcm" encoding, to allow for older UAs. This field would also help indicate "updated" UAs which can take advantage of the newer draft specifications. (Some additional, albeit incorrectly located, [discussion is here](https://mailarchive.ietf.org/arch/msg/webpush/uDR2PzpChfn24TwNWZBfR6fuKp0).) -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/w3c/push-api/issues/251
Received on Thursday, 20 April 2017 01:31:41 UTC