- From: JR Conlin <notifications@github.com>
- Date: Wed, 13 Nov 2024 08:08:20 -0800
- To: w3c/push-api <push-api@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
- Message-ID: <w3c/push-api/issues/360/2474053872@github.com>
I have a few general questions about this, mostly around the payload element: 1) Would proposed JSON Payload remain fully e2e encrypted or would there be elements of that payload that would not be encrypted (e.g. to allow for the "default" displayable message or action URL in case of encryption failures)? If so, how do we ensure message privacy? (e.g. Could a company that provides Push be subpoenaed to report all user information for messages related to a given "default URL"?) 2) Would the default 4K message size limit be maintained with allowances for the cryptographic overhead, or would the message size be increased to handle the additional required fields? 3) Companies like Mozilla rely on using proprietary messaging systems like Android Firebase Cloud Messaging (FCM) and Apple's Push Notification system (APNs) to deliver push messages to mobile platforms. These also have existing message size limits, which may impact the total available size of an encrypted message payload. How would those companies deal with this sort of issue (ideally, without implementing a "TCP over FCM/APNs" type solution)? -- Reply to this email directly or view it on GitHub: https://github.com/w3c/push-api/issues/360#issuecomment-2474053872 You are receiving this because you are subscribed to this thread. Message ID: <w3c/push-api/issues/360/2474053872@github.com>
Received on Wednesday, 13 November 2024 16:08:24 UTC