diff --git a/index.html b/index.html index 7f09513..deddb0d 100644 --- a/index.html +++ b/index.html @@ -336,9 +336,10 @@
A push subscription has an associated endpoint. It MUST be the absolute URL exposed by the push - service where the application server can send push messages to. An - endpoint MUST uniquely identify the push subscription. + "push endpoint|push endpoints">push endpoint. It MUST be the absolute URL exposed + by the push service where the application server can send push + messages to. A push endpoint MUST uniquely identify the push + subscription.
The term push service refers to a system that allows application servers to send push messages to a webapp. A - push service serves the endpoint or endpoints for the push - subscriptions it serves. + push service serves the push endpoint or endpoints + for the push subscriptions it serves.
- The endpoint of a deactivated push subscription MUST NOT be reused for - a new push subscription. This prevents the creation of a persistent identifier that - the user cannot remove. This also prevents reuse of the details of one push - subscription to send push messages to another push subscription. + The push endpoint of a deactivated push subscription MUST NOT be + reused for a new push subscription. This prevents the creation of a persistent + identifier that the user cannot remove. This also prevents reuse of the details of one + push subscription to send push messages to another push subscription.
User agents MUST implement the Push API to be HTTPS-only. SSL-only support provides @@ -409,11 +410,11 @@
The fields included in the PushSubscription
is all the information needed
for an application server to send a push message. Push services that are
- compatible with the Push API provide an endpoint that conforms to the web push
- protocol. These parameters and attributes include:
+ compatible with the Push API provide a push endpoint that conforms to the web
+ push protocol. These parameters and attributes include:
endpoint
of a
- PushSubscription
is a URL that allows an application server to
- request delivery of a push message to a webapp.
+ push endpoint
of a
+ PushSubscription
is a URL that allows an application server to request
+ delivery of a push message to a webapp.
getKey
method on a
- PushSubscription
is used to retrieve keying material used to encipher
- push messages. Each invocation of the function returns a new
+ PushSubscription
is used to retrieve keying material used to encrypt and
+ authenticate push messages. Each invocation of the function returns a new
ArrayBuffer
that contains the value of the corresponding key, or
null
if the identified key doesn't exist. Passing a value of
- p256dh
retrieves a elliptic curve Diffie-Hellman
- (ECDH) public key associated with the push subscription. This key is used by
- the application server to encipher messages for the push subscription, as
- described in [[!WEBPUSH-ENCRYPTION]].
+ p256dh
retrieves a elliptic curve Diffie-Hellman
+ (ECDH) public key associated with the push subscription. Passing a value of
+ auth
returns an authentication secret that an application server uses in
+ authentication of its messages. These keys are used by the application server to
+ encrypt and authenticate messages for the push subscription, as described in
+ [[!WEBPUSH-ENCRYPTION]].
getKey
of the PushSubscription
with an argument of
- p256dh
.
+ getKey
method of the PushSubscription
with an argument of
+ p256dh
.
+ getKey
method
+ of the PushSubscription
with an argument of auth
.
PushSubscription
providing the details of the new push
@@ -710,37 +719,42 @@
- When getting the PushSubscription.endpoint
attribute, the user
- agent MUST return the endpoint associated with the push subscription.
+ When getting the endpoint
+ attribute, the user agent MUST return the push endpoint associated with the
+ push subscription.
The PushSubscription.getKey
method
- retrieves a public key that can be used for enciphering messages. When getKey
is invoked the following process is followed:
+ data-lt="PushSubscription-getKey">getKey method retrieves keying material that
+ can be used for encrypting and authenticating messages. When getKey
is
+ invoked the following process is followed:
name
argument.
+ name
+ argument.
null
.
+ null
.
ArrayBuffer
instance.
p256dh
- public key is encoded using the uncompressed format defined in [[X9.62]] Annex A (that is,
- a 65 octet sequence that starts with a 0x04 octet).
+ p256dh
public key is encoded
+ using the uncompressed format defined in [[X9.62]] Annex A (that is, a 65 octet sequence
+ that starts with a 0x04 octet).
+ auth
parameter contains an octet sequence used by the user agent to
+ authenticate messages sent by an application server.
- An encryption key named p256dh
MUST be supported, which is used to retrieve a
- P-256 ECDH public key as described by [[!WEBPUSH-ENCRYPTION]].
+ Keys named p256dh
and auth
MUST be supported.
The
Encryption keys used for push message encryption are provided to a webapp
- through the
- The
+ The
PushSubscription
, ordered by the name of the key:
-
getKey
).
+ getKey
).
+ getKey
.
USVString
. The user agent MUST use a serialization method
@@ -807,7 +823,7 @@
getKey
method or the serializer of
+ through the getKey
method or the serializer of
PushSubscription
. Each key is named using a value from the
PushEncryptionKeyName
enumeration.
p256dh
value is used
- to retrieve the P-256 ECDH Diffie-Hellman public key described in
+ The p256dh
value is
+ used to retrieve the P-256 ECDH Diffie-Hellman public key described in
[[!WEBPUSH-ENCRYPTION]].
auth
value is used to
+ retrieve the authentication secret described in [[!WEBPUSH-ENCRYPTION]].
+