Re: [Push API] How to detect acceptable Content-Encoding for each UA
Hi Martin, Thanks so much for your comment. I understand that there will be no problem when any UA will accept "aesgcm". > Firefox will support aesgcm128 for several releases once "aesgcm" is > done (something I expect to happen in 48). Good. I'm looking forward to seeing it will happen. On Fri, Mar 4, 2016 at 5:55 PM Martin Thomsonwrote: > On 4 March 2016 at 18:07, Tomoyuki SHIMIZU > wrote: > > On the other hand, it could be renamed according to encryption spec > update > > (e.g. changing from "aesgcm128" to "aesgcm"[2][3]). It might suggest > each UA > > might support different types or versions of Content-Encoding in the > future. > > Firefox will support aesgcm128 for several releases once "aesgcm" is > done (something I expect to happen in 48). By the time that Chrome > supports the standard protocol (I think that's 51), both browsers will > accept "aesgcm" as described in the pull request. > > Right now, it's more than just Content-Encoding people have to worry > about, because Chrome supplies an endpoint that only talks the GCM > protocol. I think that we can chalk that up to early adopter pains > and rather begrudgingly suggest looking at the UA string. >
Re: [Push API] How to detect acceptable Content-Encoding for each UA
On 4 March 2016 at 18:07, Tomoyuki SHIMIZUwrote: > On the other hand, it could be renamed according to encryption spec update > (e.g. changing from "aesgcm128" to "aesgcm"[2][3]). It might suggest each UA > might support different types or versions of Content-Encoding in the future. Firefox will support aesgcm128 for several releases once "aesgcm" is done (something I expect to happen in 48). By the time that Chrome supports the standard protocol (I think that's 51), both browsers will accept "aesgcm" as described in the pull request. Right now, it's more than just Content-Encoding people have to worry about, because Chrome supplies an endpoint that only talks the GCM protocol. I think that we can chalk that up to early adopter pains and rather begrudgingly suggest looking at the UA string.
[Push API] How to detect acceptable Content-Encoding for each UA
Hi, I would like to make a comment on a concern about using Push API with Web Push Encryption. Web Push Encryption spec[1] says an application server must indicate Content-Encoding so that a UA can correctly process received push messages. Currently there are browsers which supports "aesgcm128" Content-Encoding (e.g. Chrome 49, Firefox 44+). On the other hand, it could be renamed according to encryption spec update (e.g. changing from "aesgcm128" to "aesgcm"[2][3]). It might suggest each UA might support different types or versions of Content-Encoding in the future. If I understand correctly, there might be no manner to notify the application server of Content-Encoding which the UA could accept, without checking UA's name or version. IMHO, if Push API would provide any method or attribute to indicate acceptable Content-Encoding, it would be helpful for the application server. WDYT? Best regards, Tomoyuki Shimizu [1] https://tools.ietf.org/html/draft-ietf-webpush-encryption-01 [2] https://lists.w3.org/Archives/Public/ietf-http-wg/2016JanMar/0180.html [3] https://github.com/httpwg/http-extensions/pull/137