- From: Martin Thomson <notifications@github.com>
- Date: Sun, 23 Apr 2017 15:48:55 -0700
- To: w3c/push-api <push-api@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
- Message-ID: <w3c/push-api/pull/254/review/34191305@github.com>
martinthomson approved this pull request.
> @@ -383,6 +382,35 @@
<var>oldSubscription</var> and a <a>PushSubscription</a> instance representing the
<a>push subscription</a> having the new keys as <var>newSubscription</var>.
</p>
+ <p>
+ To <dfn>create a push subscription</dfn>, given an <a>PushSubscriptionOptions</a> object
+ of <var>options</var>, the <a>user agent</a> must run the following steps:
+ </p>
+ <ol>
+ <li>Let <var>subscription</var> be a new <a>push subscription</a>.
+ </li>
+ <li>Set the <code>options</code> attribute of <var>subscription</var> to be a copy of
+ <var>options</var>.
+ </li>
+ <li>Generate a new P-256 <a>ECDH</a> key pair. Store the private key in an internal slot
Cite X9.62 on the first sentence.
> @@ -383,6 +382,35 @@
<var>oldSubscription</var> and a <a>PushSubscription</a> instance representing the
<a>push subscription</a> having the new keys as <var>newSubscription</var>.
</p>
+ <p>
+ To <dfn>create a push subscription</dfn>, given an <a>PushSubscriptionOptions</a> object
+ of <var>options</var>, the <a>user agent</a> must run the following steps:
+ </p>
+ <ol>
+ <li>Let <var>subscription</var> be a new <a>push subscription</a>.
+ </li>
+ <li>Set the <code>options</code> attribute of <var>subscription</var> to be a copy of
+ <var>options</var>.
+ </li>
+ <li>Generate a new P-256 <a>ECDH</a> key pair. Store the private key in an internal slot
+ on <var>subscription</var>; this value MUST NOT be made available to applications. The
+ public key is also stored in an internal slot and can be retrieved by calling the <code>
+ getKey</code> method of the <a>PushSubscription</a> with an argument of
Is this indent what tidy produces? Strange.
> + </li>
+ <li>Generate a new P-256 <a>ECDH</a> key pair. Store the private key in an internal slot
+ on <var>subscription</var>; this value MUST NOT be made available to applications. The
+ public key is also stored in an internal slot and can be retrieved by calling the <code>
+ getKey</code> method of the <a>PushSubscription</a> with an argument of
+ <a data-link-for="PushEncryptionKeyName">p256dh</a>.
+ </li>
+ <li>Generate a new authentication secret, which is a sequence of octets as defined in
+ [[!WEBPUSH-ENCRYPTION]]. Store the authentication secret in an internal slot on
+ <var>subscription</var>. This key can be retrieved by calling the <code>getKey</code>
+ method of the <a>PushSubscription</a> with an argument of <a data-link-for=
+ "PushEncryptionKeyName">auth</a>.
+ </li>
+ <li>Make a request to the <a>push service</a> to create a new <a>push subscription</a>.
+ Include the <a data-link-for="PushSubscriptionOptions">applicationServerKey</a> attribute
+ of <var>options</var> when it contains a valid point on the P-256 curve.
We reject the call if `applicationServerKey` is invalid, so you can remove the "when it contains a valid point" bit.
> @@ -868,9 +885,14 @@
is one, or <code>null</code> otherwise.
</p>
<p>
+ When getting the <dfn>options</dfn> attribute, the <a>user agent</a> MUST return a
+ <code><a>PushSubscriptionOptions</a></code> object representing the options associated with
s/object/dictionary ?
> @@ -930,7 +953,7 @@
</li>
</ol>
<p>
- The serializer for a <a>PushSubscription</a> invokes the following steps:
+ The <dfn>serializer</dfn> for a <a>PushSubscription</a> invokes the following steps:
no data-dfn-for here?
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/w3c/push-api/pull/254#pullrequestreview-34191305
Received on Sunday, 23 April 2017 22:49:29 UTC