diff --git a/index.html b/index.html index 31bac64..59c1a19 100644 --- a/index.html +++ b/index.html @@ -110,6 +110,16 @@ status: "Internet-Draft", publisher: "IETF" }, + "WEBPUSH-VAPID": { + title: "Voluntary Application Server Identification for Web Push", + href: "https://tools.ietf.org/html/draft-thomson-webpush-vapid", + authors: [ + "Martin Thomson", + "Peter Beverloo", + ], + status: "Internet-Draft", + publisher: "IETF" + }, "X9.62": { title: "Public Key Cryptography for the Financial Services Industry, The Elliptic Curve Digital Signature Algorithm (ECDSA)", status: "ANS X9.62–2005", @@ -225,6 +235,8 @@
InvalidStateError
,
InvalidAccessError
,
+ SecurityError
,
NetworkError
,
event listener,
@@ -534,19 +546,19 @@
The subscribe
+ "widl-PushManager-subscribe-Promise-PushSubscription--PushSubscriptionOptionsInit-options">subscribe
method when invoked MUST run the following steps:
DOMException
whose name is "SecurityError
"
and terminate these steps.
+ options
argument, if
+ provided, or a PushSubscriptionOptions
dictionary with default values.
+ applicationServerKey
attribute, check that the value is valid (i.e.,
+ ensure that it describes a valid point on the P-256 curve). If the
+ applicationServerKey
value is invalid, reject promise with
+ an InvalidAccessError
and terminate these steps.
+ PushManager
's associated
service worker registration.
DOMException
whose name is "AbortError
" and
terminate these steps.
- PushSubscription
providing the details of the retrieved push
- subscription.
+ options
attribute of
+ subscription. If any attribute on allOptions contains a different
+ value to that stored for subscription, then reject promise with
+ an InvalidStateError
and terminate these steps. The contents of
+ BufferSource
values are compared for equality rather than
+ references.
+ DOMException
whose name is "AbortError
" and terminate these steps.
options
attribute of subscription to be a copy of
+ allOptions.
+ getKey
method of the PushSubscription
with an argument of
p256dh
.
getKey
method
- of the PushSubscription
with an argument of auth
.
+ [[!WEBPUSH-ENCRYPTION]]. Store the authentication secret in an internal slot on
+ subscription. This key can be retrieved by calling the getKey
+ method of the PushSubscription
with an argument of
+ auth
.
PushSubscription
providing the details of the new push
@@ -646,7 +681,7 @@
The
+ "widl-PushManager-permissionState-Promise-PushPermissionState--PushSubscriptionOptionsInit-options">
permissionState
method when invoked MUST run the following steps:
- A PushSubscriptionOptions object represents additional options associated with a + A PushSubscriptionOptionsInit represents additional options associated with a push subscription. The user agent MAY consider these options when requesting express permission from the user. When an option is considered, the user agent SHOULD enforce it on incoming push messages.
-+ Once set, options for a push subscription cannot change. A pre-existing push + subscription can be unsubscribed to create a push + subscription with new options. +
+
The userVisibleOnly
option, when
- set to true
, indicates that the push subscription will only be used
- for push messages whose effect is made visible to the user, for example by
+ "widl-PushSubscriptionOptionsInit-userVisibleOnly">userVisibleOnly option,
+ when set to true
, indicates that the push subscription will only be
+ used for push messages whose effect is made visible to the user, for example by
displaying a Web Notification. [[NOTIFICATIONS]]
+ The applicationServerKey
+ option includes an elliptic curve public key for an application server. This is the key
+ that the application server will use to authenticate itself when sending push messages to
+ this subscription as defined in [[!WEBPUSH-VAPID]]; the push service will reject any push
+ message unless the corresponding private key is used to generate an authentication token.
+
+ If present, the value of applicationServerKey
MUST include a point on
+ the P-256 elliptic curve [[!FIPS-186-3]], encoded in the uncompressed form described in
+ [[!X9.62]] Annex A (that is, 65 octets, starting with an 0x04 octet). The
+ applicationServerKey
MUST be a different value to the one used for
+ message encryption [[WEBPUSH-ENCRYPTION]].
+
+ Note that the options to a PushSubscription
are not serialized.
+