Re: [w3c/push-api] Some questions about VAPID and encrypted messages (#278) from Peter Beverloo on 2017-07-17 (public-webapps-github@w3.org from July 2017)

From: Peter Beverloo <notifications@github.com>
Date: Mon, 17 Jul 2017 12:18:55 +0000 (UTC)
To: w3c/push-api <push-api@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <w3c/push-api/issues/278/315739792@github.com>

The Push API does say that `applicationServerKey` has to be a valid P-256 point, so the while the user agent may do some verification, the push service may not.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/w3c/push-api/issues/278#issuecomment-315739792

Received on Monday, 17 July 2017 12:19:23 UTC