Skip to main content

Use of VAPID in JMAP WebPush
draft-ietf-jmap-webpush-vapid-10

Revision differences

Document history

Date Rev. By Action
2025-01-10
10 Daniel Gultsch New version available: draft-ietf-jmap-webpush-vapid-10.txt
2025-01-10
10 Daniel Gultsch New version accepted (logged-in submitter: Daniel Gultsch)
2025-01-10
10 Daniel Gultsch Uploaded new revision
2025-01-09
09 Jenny Bui IESG state changed to Approved-announcement to be sent::AD Followup from IESG Evaluation
2025-01-08
09 John Scudder [Ballot Position Update] New position, No Objection, has been recorded for John Scudder
2025-01-08
09 Warren Kumari [Ballot Position Update] New position, No Objection, has been recorded for Warren Kumari
2025-01-07
09 Roman Danyliw [Ballot comment]
Thank you to Paul Kyzivat for the GENART review.
2025-01-07
09 Roman Danyliw [Ballot Position Update] New position, No Objection, has been recorded for Roman Danyliw
2025-01-07
09 Amanda Baber IANA Review state changed to IANA OK - Actions Needed from Version Changed - Review Needed
2025-01-07
09 (System) IANA Review state changed to Version Changed - Review Needed from IANA OK - Actions Needed
2025-01-07
09 Daniel Gultsch New version available: draft-ietf-jmap-webpush-vapid-09.txt
2025-01-07
09 Daniel Gultsch New version accepted (logged-in submitter: Daniel Gultsch)
2025-01-07
09 Daniel Gultsch Uploaded new revision
2025-01-07
08 Orie Steele
[Ballot comment]
# Orie Steele, ART AD, comments for draft-ietf-jmap-webpush-vapid-08
CC @OR13

* line numbers:
  - https://author-tools.ietf.org/api/idnits?url=https://www.ietf.org/archive/id/draft-ietf-jmap-webpush-vapid-08.txt&submitcheck=True

* comment syntax:
  - https://github.com/mnot/ietf-comments/blob/main/format.md

* "Handling Ballot Positions":
  - https://ietf.org/about/groups/iesg/statements/handling-ballot-positions/


Thanks to Thomas Fossati for the ART ART Review.

### What does use mean?

```
101   PushVerification notifications.  The server MUST use the application
102   server key that was advertised in the capabilities object at the time
103   the PushSubscription was created.
```

I think this means: verify a digital signature using the applicationServerKey as described in https://datatracker.ietf.org/doc/html/rfc8292#section-4.2 ?

This must seems underspecified, or to assume more JMAP knowledge than I have.
The word "sign" only appears in the security considerations, a brief description of how this "signing" key is used before then would be helpful, even if its just calling out to sections in other specs.

### new public key format for jmap (sigh)

```
90   *  applicationServerKey: "String"
91       The ECDSA public key (current systems use the P-256 curve)
92       [FIPS186], in its uncompressed form as described in [X9.62] Annex
93       A and encoded using base64url encoding [RFC7515], that the push
94       service will use to authenticate the application server.
```

I see that this came up in the ART ART review:

https://mailarchive.ietf.org/arch/msg/art/7hYM8qI5Seg9C75sy5atqRLolPA/

Following through the W3C references, we land on:

https://www.rfc-editor.org/rfc/rfc8292#section-3.2

Specifically:

https://www.rfc-editor.org/rfc/rfc8292#section-2.4

```
  Note:  X9.62 encoding is used over JWK [RFC7517] for two reasons.  A
      JWK does not have a canonical form, so X9.62 encoding makes it
      easier for the push service to handle comparison of keys from
      different sources.  Secondarily, the X9.62 encoding is also
      considerably smaller.
```

I suggest adding a direct reference to this.

And also a comment like you have on the list "this is to enable copy pasting of the existing text encoded keys".
2025-01-07
08 Orie Steele [Ballot Position Update] New position, No Objection, has been recorded for Orie Steele
2025-01-07
08 Zaheduzzaman Sarker [Ballot Position Update] New position, No Objection, has been recorded for Zaheduzzaman Sarker
2025-01-06
08 Amanda Baber IANA Review state changed to IANA OK - Actions Needed from Version Changed - Review Needed
2025-01-06
09 (System) IANA Review state changed to IANA OK - Actions Needed from Version Changed - Review Needed
2025-01-06
08 Paul Wouters
[Ballot comment]

        applicationServerKey: "String"

        The ECDSA public key (current systems use the P-256 curve) [FIPS186],
    …
[Ballot comment]

        applicationServerKey: "String"

        The ECDSA public key (current systems use the P-256 curve) [FIPS186],
        in its uncompressed form as described in [X9.62] Annex A and encoded
        using base64url encoding [RFC7515], that the push service will use to
        authenticate the application server.

It seems one should either use a representation that includes the cryptographic
specifiers (eg SubjectPublicKeyInfo) or one should have a field with the key
type, eg applicationServerKeyType: "ECDSA".

This might be the case for [X9.62], but I cannot tell as the resource does not
seem to be publicly available. I guess since this format is also used in RFC8292,
it is too late to raise a DISCUSS on this to fix, unfortunately.


The first part of the Security Considerations seems to deal with regular protocol
operational edge cases and not security considerations. Consider moving these to
a more appropriate place (maybe its own new Section)
2025-01-06
08 Paul Wouters [Ballot Position Update] New position, No Objection, has been recorded for Paul Wouters
2025-01-06
08 Gunter Van de Velde [Ballot Position Update] New position, No Objection, has been recorded for Gunter Van de Velde
2025-01-05
08 Daniel Gultsch New version available: draft-ietf-jmap-webpush-vapid-08.txt
2025-01-05
08 Daniel Gultsch New version accepted (logged-in submitter: Daniel Gultsch)
2025-01-05
08 Daniel Gultsch Uploaded new revision
2025-01-05
07 Daniel Gultsch New version available: draft-ietf-jmap-webpush-vapid-07.txt
2025-01-05
07 Daniel Gultsch New version accepted (logged-in submitter: Daniel Gultsch)
2025-01-05
07 Daniel Gultsch Uploaded new revision
2025-01-05
06 Deb Cooley
[Ballot comment]
Thank you to Daniel for addressing my original comments.  I'm changing my ballot to 'no objection'. 

I have one comment remaining:

In Section …
[Ballot comment]
Thank you to Daniel for addressing my original comments.  I'm changing my ballot to 'no objection'. 

I have one comment remaining:

In Section 3, the parenthetical (65 octets specifically) won't be true with a larger ECDSA public key.  I had merely eliminated the parenthetical in my suggested text.  The public key will always start with a 0x04 octet, but it won't be 65 octets in length.

-------------------------------------------
Below are my original comments (just for the record).

---------------------------

Thank you for a well written, clear draft.  These should be easy to resolve.

Section 3:  While RFC8292 specifies ECDSA directly, it only mentions P-256.
This draft should aim to allow algorithm agility in terms of ECDSA key size as
VAPID and JWT allow.  How about:

"The ECDSA public key (current systems use the P-256 curve) [FIPS186], in
uncompressed form described in [X9.62] Annex A that is encoded using base64url
encoding [RFC7515], that the push service will use to authenticate the
application server."

Section 6:  Since none of the referenced RFCs has Key Rotation as a topic,
please add a couple of sentences on key rotation here.  [note:  some of what
you have in the key rotation section can easily be used.]

-----------------------
2025-01-05
06 Deb Cooley [Ballot Position Update] Position for Deb Cooley has been changed to No Objection from Discuss
2025-01-05
06 (System) IANA Review state changed to Version Changed - Review Needed from IANA OK - Actions Needed
2025-01-05
06 Daniel Gultsch New version available: draft-ietf-jmap-webpush-vapid-06.txt
2025-01-05
06 Daniel Gultsch New version accepted (logged-in submitter: Daniel Gultsch)
2025-01-05
06 Daniel Gultsch Uploaded new revision
2025-01-03
05 Mahesh Jethanandani [Ballot Position Update] New position, No Objection, has been recorded for Mahesh Jethanandani
2025-01-02
05 Éric Vyncke [Ballot comment]
I am supporting Deb's and Erik's ballots about lack of agility.
2025-01-02
05 Éric Vyncke [Ballot Position Update] New position, No Objection, has been recorded for Éric Vyncke
2024-12-29
05 Deb Cooley
[Ballot discuss]
Thank you for a well written, clear draft.  These should be easy to resolve.

Section 3:  While RFC8292 specifies ECDSA directly, it only …
[Ballot discuss]
Thank you for a well written, clear draft.  These should be easy to resolve.

Section 3:  While RFC8292 specifies ECDSA directly, it only mentions P-256.  This draft should aim to allow algorithm agility in terms of ECDSA key size as VAPID and JWT allow.  How about: 

"The ECDSA public key (current systems use the P-256 curve) [FIPS186], in uncompressed form described in [X9.62] Annex A that is encoded using base64url encoding [RFC7515], that the push service will use to authenticate the application server."

Section 6:  Since none of the referenced RFCs has Key Rotation as a topic, please add a couple of sentences on key rotation here.  [note:  some of what you have in the key rotation section can easily be used.]
2024-12-29
05 Deb Cooley [Ballot Position Update] New position, Discuss, has been recorded for Deb Cooley
2024-12-28
05 Erik Kline
[Ballot comment]
# Internet AD comments for draft-ietf-jmap-webpush-vapid-05
CC @ekline

* comment syntax:
  - https://github.com/mnot/ietf-comments/blob/main/format.md

* "Handling Ballot Positions":
  - https://ietf.org/about/groups/iesg/statements/handling-ballot-positions/

## Comments …
[Ballot comment]
# Internet AD comments for draft-ietf-jmap-webpush-vapid-05
CC @ekline

* comment syntax:
  - https://github.com/mnot/ietf-comments/blob/main/format.md

* "Handling Ballot Positions":
  - https://ietf.org/about/groups/iesg/statements/handling-ballot-positions/

## Comments

### S2

* "MUST contain the following ... The ECDSA public key"

  I'm a little surprised by what, to me, looks like a lack of algorithm
  agility.  I don't know enough about VAPID to know if algorithm agility
  is feasible, but ... it seems like something IETF protocols should
  generally be aiming towards.

### S5

* "If there is a mismatch, the client MAY retry creating the
  PushSubscription"

  Why MAY and not SHOULD?  I assumed this would be the logical desired
  behavior.
2024-12-28
05 Erik Kline [Ballot Position Update] New position, No Objection, has been recorded for Erik Kline
2024-12-27
05 Jim Guichard [Ballot Position Update] New position, No Objection, has been recorded for Jim Guichard
2024-12-09
05 Linda Dunbar Request for Last Call review by SECDIR Completed: Has Issues. Reviewer: Linda Dunbar. Sent review to list. Submission of review completed at an earlier date.
2024-12-09
05 Linda Dunbar Request for Last Call review by SECDIR Completed: Has Issues. Reviewer: Linda Dunbar.
2024-12-09
05 Jenny Bui Placed on agenda for telechat - 2025-01-09
2024-12-07
05 Murray Kucherawy Ballot has been issued
2024-12-07
05 Murray Kucherawy [Ballot Position Update] New position, Yes, has been recorded for Murray Kucherawy
2024-12-07
05 Murray Kucherawy Created "Approve" ballot
2024-12-07
05 Murray Kucherawy IESG state changed to IESG Evaluation from Waiting for AD Go-Ahead
2024-12-07
05 Murray Kucherawy Ballot writeup was changed
2024-12-06
05 (System) IESG state changed to Waiting for AD Go-Ahead from In Last Call
2024-12-04
05 David Dong
IESG/Authors/WG Chairs:

IANA has completed its review of draft-ietf-jmap-webpush-vapid-05. If any part of this review is inaccurate, please let us know.

IANA understands that, upon …
IESG/Authors/WG Chairs:

IANA has completed its review of draft-ietf-jmap-webpush-vapid-05. If any part of this review is inaccurate, please let us know.

IANA understands that, upon approval of this document, there is a single action which we must complete.

In the JMAP Capabilities registry in the JSON Meta Application Protocol (JMAP) registry group located at:

https://www.iana.org/assignments/jmap/

a single new registration is to be made as follows:

Capability Name: urn:ietf:params:jmap:webpush-vapid
Intended Use: common
Change Controller: IETF
Security and Privacy Considerations: [ RFC-to-be; Section 6 ]
Reference: [ RFC-to-be ]

As this document requests a registration in an Expert Review or Specification Required (see RFC 8126) registry, we have completed the required Expert Review via a separate request.

We understand that this is the only action required to be completed upon approval of this document.

NOTE: The action requested in this document will not be completed until the document has been approved for publication as an RFC. This message is meant only to confirm the action that will be performed.

For definitions of IANA review states, please see:

https://datatracker.ietf.org/help/state/draft/iana-review

Thank you,

David Dong
IANA Services Sr. Specialist
2024-12-04
05 (System) IANA Review state changed to IANA OK - Actions Needed from IANA - Review Needed
2024-12-04
05 Paul Kyzivat Request for Last Call review by GENART Completed: Ready. Reviewer: Paul Kyzivat.
2024-12-02
05 David Dong IANA Experts State changed to Expert Reviews OK from Reviews assigned
2024-11-27
05 Jean Mahoney Request for Last Call review by GENART is assigned to Paul Kyzivat
2024-11-26
05 David Dong IANA Experts State changed to Reviews assigned
2024-11-24
05 Thomas Fossati Request for Last Call review by ARTART Completed: Ready. Reviewer: Thomas Fossati. Sent review to list. Submission of review completed at an earlier date.
2024-11-24
05 Thomas Fossati Request for Last Call review by ARTART Completed: Ready. Reviewer: Thomas Fossati.
2024-11-24
05 Barry Leiba Request for Last Call review by ARTART is assigned to Thomas Fossati
2024-11-24
05 Tero Kivinen Request for Last Call review by SECDIR is assigned to Linda Dunbar
2024-11-24
05 Daniel Gultsch New version available: draft-ietf-jmap-webpush-vapid-05.txt
2024-11-24
05 Daniel Gultsch New version accepted (logged-in submitter: Daniel Gultsch)
2024-11-24
05 Daniel Gultsch Uploaded new revision
2024-11-22
04 Thomas Fossati Request for Last Call review by ARTART Completed: Ready with Issues. Reviewer: Thomas Fossati. Review has been revised by Thomas Fossati.
2024-11-22
04 Thomas Fossati
Request for Last Call review by ARTART Completed: Ready with Issues. Reviewer: Thomas Fossati. Sent review to list. Submission of review completed at an earlier …
Request for Last Call review by ARTART Completed: Ready with Issues. Reviewer: Thomas Fossati. Sent review to list. Submission of review completed at an earlier date.
2024-11-22
04 Thomas Fossati Request for Last Call review by ARTART Completed: Ready with Issues. Reviewer: Thomas Fossati.
2024-11-22
04 Barry Leiba Request for Last Call review by ARTART is assigned to Thomas Fossati
2024-11-22
04 Jenny Bui IANA Review state changed to IANA - Review Needed
2024-11-22
04 Jenny Bui
The following Last Call announcement was sent out (ends 2024-12-06):

From: The IESG
To: IETF-Announce
CC: brong@fastmailteam.com, draft-ietf-jmap-webpush-vapid@ietf.org, jmap-chairs@ietf.org, jmap@ietf.org, superuser@gmail.com …
The following Last Call announcement was sent out (ends 2024-12-06):

From: The IESG
To: IETF-Announce
CC: brong@fastmailteam.com, draft-ietf-jmap-webpush-vapid@ietf.org, jmap-chairs@ietf.org, jmap@ietf.org, superuser@gmail.com
Reply-To: last-call@ietf.org
Sender:
Subject: Last Call:  (Use of VAPID in JMAP WebPush) to Proposed Standard


The IESG has received a request from the JSON Mail Access Protocol WG (jmap)
to consider the following document: - 'Use of VAPID in JMAP WebPush'
  as Proposed Standard

The IESG plans to make a decision in the next few weeks, and solicits final
comments on this action. Please send substantive comments to the
last-call@ietf.org mailing lists by 2024-12-06. Exceptionally, comments may
be sent to iesg@ietf.org instead. In either case, please retain the beginning
of the Subject line to allow automated sorting.

Abstract


  This document defines a method for JMAP servers to advertise their
  capability to authenticate WebPush notifications using the Voluntary
  Application Server Identification protocol.




The file can be obtained via
https://datatracker.ietf.org/doc/draft-ietf-jmap-webpush-vapid/



No IPR declarations have been submitted directly on this I-D.




2024-11-22
04 Jenny Bui IESG state changed to In Last Call from Last Call Requested
2024-11-22
04 Murray Kucherawy Last call was requested
2024-11-22
04 Murray Kucherawy Ballot approval text was generated
2024-11-22
04 Murray Kucherawy Ballot writeup was generated
2024-11-22
04 Murray Kucherawy IESG state changed to Last Call Requested from AD Evaluation::AD Followup
2024-11-22
04 Murray Kucherawy Last call announcement was generated
2024-11-22
04 (System) Changed action holders to Murray Kucherawy (IESG state changed)
2024-11-22
04 (System) Sub state has been changed to AD Followup from Revised I-D Needed
2024-11-22
04 Daniel Gultsch New version available: draft-ietf-jmap-webpush-vapid-04.txt
2024-11-22
04 Daniel Gultsch New version accepted (logged-in submitter: Daniel Gultsch)
2024-11-22
04 Daniel Gultsch Uploaded new revision
2024-11-20
03 (System) Changed action holders to Daniel Gultsch (IESG state changed)
2024-11-20
03 Murray Kucherawy IESG state changed to AD Evaluation::Revised I-D Needed from AD Evaluation::AD Followup
2024-11-17
03 Murray Kucherawy IESG state changed to AD Evaluation::AD Followup from AD Evaluation
2024-11-14
03 Murray Kucherawy IESG state changed to AD Evaluation from Publication Requested
2024-11-05
03 Bron Gondwana
# Document Shepherd Write-Up for Group Documents

*This version is dated 4 July 2022.*

Thank you for your service as a document shepherd. Among the …
# Document Shepherd Write-Up for Group Documents

*This version is dated 4 July 2022.*

Thank you for your service as a document shepherd. Among the responsibilities is
answering the questions in this write-up to give helpful context to Last Call
and Internet Engineering Steering Group ([IESG][1]) reviewers, and your
diligence in completing it is appreciated. The full role of the shepherd is
further described in [RFC 4858][2]. You will need the cooperation of the authors
and editors to complete these checks.

Note that some numbered items contain multiple related questions; please be sure
to answer all of them.

## Document History

1. Does the working group (WG) consensus represent the strong concurrence of a
  few individuals, with others being silent, or did it reach broad agreement?

JMAP is a small working group, there's wide consensus that this is a good idea
and quite a few people were vocal in the discussion.

2. Was there controversy about particular points, or were there decisions where
  the consensus was particularly rough?

There was one issue that caused a delay and repeat working-group-last-call
however it was resolved to the satisfaction of all.

3. Has anyone threatened an appeal or otherwise indicated extreme discontent? If
  so, please summarize the areas of conflict in separate email messages to the
  responsible Area Director. (It should be in a separate email because this
  questionnaire is publicly available.)

No.

4. For protocol documents, are there existing implementations of the contents of
  the document? Have a significant number of potential implementers indicated
  plans to implement? Are any existing implementations reported somewhere,
  either in the document itself (as [RFC 7942][3] recommends) or elsewhere
  (where)?

All users of JMAP push either have or will have to implement this, as browsers are
requiring it.

## Additional Reviews

5. Do the contents of this document closely interact with technologies in other
  IETF working groups or external organizations, and would it therefore benefit
  from their review? Have those reviews occurred? If yes, describe which
  reviews took place.

The related working group (webpush) has concluded, however this document has been
discussed with one of the authors of the related document (rfc8292).

6. Describe how the document meets any required formal expert review criteria,
  such as the MIB Doctor, YANG Doctor, media type, and URI type reviews.

There are no export reviews required.

7. If the document contains a YANG module, has the final version of the module
  been checked with any of the [recommended validation tools][4] for syntax and
  formatting validation? If there are any resulting errors or warnings, what is
  the justification for not fixing them at this time? Does the YANG module
  comply with the Network Management Datastore Architecture (NMDA) as specified
  in [RFC 8342][5]?

There's no YANG.

8. Describe reviews and automated checks performed to validate sections of the
  final version of the document written in a formal language, such as XML code,
  BNF rules, MIB definitions, CBOR's CDDL, etc.

There's no formal language section.

## Document Shepherd Checks

9. Based on the shepherd's review of the document, is it their opinion that this
  document is needed, clearly written, complete, correctly designed, and ready
  to be handed off to the responsible Area Director?

Yes, it's clear and ready.

10. Several IETF Areas have assembled [lists of common issues that their
    reviewers encounter][6]. For which areas have such issues been identified
    and addressed? For which does this still need to happen in subsequent
    reviews?

There's no areas that require this kind of review.

11. What type of RFC publication is being requested on the IETF stream ([Best
    Current Practice][12], [Proposed Standard, Internet Standard][13],
    [Informational, Experimental or Historic][14])? Why is this the proper type
    of RFC? Do all Datatracker state attributes correctly reflect this intent?

Proposed Standard, as it extends a proposed standard.

12. Have reasonable efforts been made to remind all authors of the intellectual
    property rights (IPR) disclosure obligations described in [BCP 79][7]? To
    the best of your knowledge, have all required disclosures been filed? If
    not, explain why. If yes, summarize any relevant discussion, including links
    to publicly-available messages when applicable.

The author is not aware of any IPR to disclose.

13. Has each author, editor, and contributor shown their willingness to be
    listed as such? If the total number of authors and editors on the front page
    is greater than five, please provide a justification.

Yes, there's only a single author.

14. Document any remaining I-D nits in this document. Simply running the [idnits
    tool][8] is not enough; please review the ["Content Guidelines" on
    authors.ietf.org][15]. (Also note that the current idnits tool generates
    some incorrect warnings; a rewrite is underway.)

No nits.

15. Should any informative references be normative or vice-versa? See the [IESG
    Statement on Normative and Informative References][16].

All references are normative, and required to be so.

16. List any normative references that are not freely available to anyone. Did
    the community have sufficient access to review any such normative
    references?

All references are other IETF RFCs.

17. Are there any normative downward references (see [RFC 3967][9] and [BCP
    97
][10]) that are not already listed in the [DOWNREF registry][17]? If so,
    list them.

No.

18. Are there normative references to documents that are not ready to be
    submitted to the IESG for publication or are otherwise in an unclear state?
    If so, what is the plan for their completion?

No.

19. Will publication of this document change the status of any existing RFCs? If
    so, does the Datatracker metadata correctly reflect this and are those RFCs
    listed on the title page, in the abstract, and discussed in the
    introduction? If not, explain why and point to the part of the document
    where the relationship of this document to these other RFCs is discussed.

No, it won't change other RFCs.

20. Describe the document shepherd's review of the IANA considerations section,
    especially with regard to its consistency with the body of the document.
    Confirm that all aspects of the document requiring IANA assignments are
    associated with the appropriate reservations in IANA registries. Confirm
    that any referenced IANA registries have been clearly identified. Confirm
    that each newly created IANA registry specifies its initial contents,
    allocations procedures, and a reasonable name (see [RFC 8126][11]).

The document adds an item to an IANA registry, which is consistent with the rest
of the document.

21. List any new IANA registries that require Designated Expert Review for
    future allocations. Are the instructions to the Designated Expert clear?
    Please include suggestions of designated experts, if appropriate.

No new IANA registries.

[1]: https://www.ietf.org/about/groups/iesg/
[2]: https://www.rfc-editor.org/rfc/rfc4858.html
[3]: https://www.rfc-editor.org/rfc/rfc7942.html
[4]: https://wiki.ietf.org/group/ops/yang-review-tools
[5]: https://www.rfc-editor.org/rfc/rfc8342.html
[6]: https://wiki.ietf.org/group/iesg/ExpertTopics
[7]: https://www.rfc-editor.org/info/bcp79
[8]: https://www.ietf.org/tools/idnits/
[9]: https://www.rfc-editor.org/rfc/rfc3967.html
[10]: https://www.rfc-editor.org/info/bcp97
[11]: https://www.rfc-editor.org/rfc/rfc8126.html
[12]: https://www.rfc-editor.org/rfc/rfc2026.html#section-5
[13]: https://www.rfc-editor.org/rfc/rfc2026.html#section-4.1
[14]: https://www.rfc-editor.org/rfc/rfc2026.html#section-4.2
[15]: https://authors.ietf.org/en/content-guidelines-overview
[16]: https://www.ietf.org/about/groups/iesg/statements/normative-informative-references/
[17]: https://datatracker.ietf.org/doc/downref/

2024-11-05
03 Bron Gondwana IETF WG state changed to Submitted to IESG for Publication from In WG Last Call
2024-11-05
03 Bron Gondwana IESG state changed to Publication Requested from I-D Exists
2024-11-05
03 (System) Changed action holders to Murray Kucherawy (IESG state changed)
2024-11-05
03 Bron Gondwana Responsible AD changed to Murray Kucherawy
2024-11-05
03 Bron Gondwana Document is now in IESG state Publication Requested
2024-11-04
03 Bron Gondwana Added to session: IETF-121: jmap  Tue-1500
2024-08-07
03 Bron Gondwana
# Document Shepherd Write-Up for Group Documents

*This version is dated 4 July 2022.*

Thank you for your service as a document shepherd. Among the …
# Document Shepherd Write-Up for Group Documents

*This version is dated 4 July 2022.*

Thank you for your service as a document shepherd. Among the responsibilities is
answering the questions in this write-up to give helpful context to Last Call
and Internet Engineering Steering Group ([IESG][1]) reviewers, and your
diligence in completing it is appreciated. The full role of the shepherd is
further described in [RFC 4858][2]. You will need the cooperation of the authors
and editors to complete these checks.

Note that some numbered items contain multiple related questions; please be sure
to answer all of them.

## Document History

1. Does the working group (WG) consensus represent the strong concurrence of a
  few individuals, with others being silent, or did it reach broad agreement?

JMAP is a small working group, there's wide consensus that this is a good idea
and quite a few people were vocal in the discussion.

2. Was there controversy about particular points, or were there decisions where
  the consensus was particularly rough?

There was one issue that caused a delay and repeat working-group-last-call
however it was resolved to the satisfaction of all.

3. Has anyone threatened an appeal or otherwise indicated extreme discontent? If
  so, please summarize the areas of conflict in separate email messages to the
  responsible Area Director. (It should be in a separate email because this
  questionnaire is publicly available.)

No.

4. For protocol documents, are there existing implementations of the contents of
  the document? Have a significant number of potential implementers indicated
  plans to implement? Are any existing implementations reported somewhere,
  either in the document itself (as [RFC 7942][3] recommends) or elsewhere
  (where)?

All users of JMAP push either have or will have to implement this, as browsers are
requiring it.

## Additional Reviews

5. Do the contents of this document closely interact with technologies in other
  IETF working groups or external organizations, and would it therefore benefit
  from their review? Have those reviews occurred? If yes, describe which
  reviews took place.

The related working group (webpush) has concluded, however this document has been
discussed with one of the authors of the related document (rfc8292).

6. Describe how the document meets any required formal expert review criteria,
  such as the MIB Doctor, YANG Doctor, media type, and URI type reviews.

There are no export reviews required.

7. If the document contains a YANG module, has the final version of the module
  been checked with any of the [recommended validation tools][4] for syntax and
  formatting validation? If there are any resulting errors or warnings, what is
  the justification for not fixing them at this time? Does the YANG module
  comply with the Network Management Datastore Architecture (NMDA) as specified
  in [RFC 8342][5]?

There's no YANG.

8. Describe reviews and automated checks performed to validate sections of the
  final version of the document written in a formal language, such as XML code,
  BNF rules, MIB definitions, CBOR's CDDL, etc.

There's no formal language section.

## Document Shepherd Checks

9. Based on the shepherd's review of the document, is it their opinion that this
  document is needed, clearly written, complete, correctly designed, and ready
  to be handed off to the responsible Area Director?

Yes, it's clear and ready.

10. Several IETF Areas have assembled [lists of common issues that their
    reviewers encounter][6]. For which areas have such issues been identified
    and addressed? For which does this still need to happen in subsequent
    reviews?

There's no areas that require this kind of review.

11. What type of RFC publication is being requested on the IETF stream ([Best
    Current Practice][12], [Proposed Standard, Internet Standard][13],
    [Informational, Experimental or Historic][14])? Why is this the proper type
    of RFC? Do all Datatracker state attributes correctly reflect this intent?

Proposed Standard, as it extends a proposed standard.

12. Have reasonable efforts been made to remind all authors of the intellectual
    property rights (IPR) disclosure obligations described in [BCP 79][7]? To
    the best of your knowledge, have all required disclosures been filed? If
    not, explain why. If yes, summarize any relevant discussion, including links
    to publicly-available messages when applicable.

The author is not aware of any IPR to disclose.

13. Has each author, editor, and contributor shown their willingness to be
    listed as such? If the total number of authors and editors on the front page
    is greater than five, please provide a justification.

Yes, there's only a single author.

14. Document any remaining I-D nits in this document. Simply running the [idnits
    tool][8] is not enough; please review the ["Content Guidelines" on
    authors.ietf.org][15]. (Also note that the current idnits tool generates
    some incorrect warnings; a rewrite is underway.)

No nits.

15. Should any informative references be normative or vice-versa? See the [IESG
    Statement on Normative and Informative References][16].

All references are normative, and required to be so.

16. List any normative references that are not freely available to anyone. Did
    the community have sufficient access to review any such normative
    references?

All references are other IETF RFCs.

17. Are there any normative downward references (see [RFC 3967][9] and [BCP
    97
][10]) that are not already listed in the [DOWNREF registry][17]? If so,
    list them.

No.

18. Are there normative references to documents that are not ready to be
    submitted to the IESG for publication or are otherwise in an unclear state?
    If so, what is the plan for their completion?

No.

19. Will publication of this document change the status of any existing RFCs? If
    so, does the Datatracker metadata correctly reflect this and are those RFCs
    listed on the title page, in the abstract, and discussed in the
    introduction? If not, explain why and point to the part of the document
    where the relationship of this document to these other RFCs is discussed.

No, it won't change other RFCs.

20. Describe the document shepherd's review of the IANA considerations section,
    especially with regard to its consistency with the body of the document.
    Confirm that all aspects of the document requiring IANA assignments are
    associated with the appropriate reservations in IANA registries. Confirm
    that any referenced IANA registries have been clearly identified. Confirm
    that each newly created IANA registry specifies its initial contents,
    allocations procedures, and a reasonable name (see [RFC 8126][11]).

The document adds an item to an IANA registry, which is consistent with the rest
of the document.

21. List any new IANA registries that require Designated Expert Review for
    future allocations. Are the instructions to the Designated Expert clear?
    Please include suggestions of designated experts, if appropriate.

No new IANA registries.

[1]: https://www.ietf.org/about/groups/iesg/
[2]: https://www.rfc-editor.org/rfc/rfc4858.html
[3]: https://www.rfc-editor.org/rfc/rfc7942.html
[4]: https://wiki.ietf.org/group/ops/yang-review-tools
[5]: https://www.rfc-editor.org/rfc/rfc8342.html
[6]: https://wiki.ietf.org/group/iesg/ExpertTopics
[7]: https://www.rfc-editor.org/info/bcp79
[8]: https://www.ietf.org/tools/idnits/
[9]: https://www.rfc-editor.org/rfc/rfc3967.html
[10]: https://www.rfc-editor.org/info/bcp97
[11]: https://www.rfc-editor.org/rfc/rfc8126.html
[12]: https://www.rfc-editor.org/rfc/rfc2026.html#section-5
[13]: https://www.rfc-editor.org/rfc/rfc2026.html#section-4.1
[14]: https://www.rfc-editor.org/rfc/rfc2026.html#section-4.2
[15]: https://authors.ietf.org/en/content-guidelines-overview
[16]: https://www.ietf.org/about/groups/iesg/statements/normative-informative-references/
[17]: https://datatracker.ietf.org/doc/downref/

2024-08-07
03 Bron Gondwana Notification list changed to brong@fastmailteam.com because the document shepherd was set
2024-08-07
03 Bron Gondwana Document shepherd changed to Bron Gondwana
2024-08-06
03 Daniel Gultsch New version available: draft-ietf-jmap-webpush-vapid-03.txt
2024-08-06
03 Daniel Gultsch New version accepted (logged-in submitter: Daniel Gultsch)
2024-08-06
03 Daniel Gultsch Uploaded new revision
2024-08-01
02 Daniel Gultsch New version available: draft-ietf-jmap-webpush-vapid-02.txt
2024-08-01
02 (System) New version approved
2024-08-01
02 (System) Request for posting confirmation emailed to previous authors: Daniel Gultsch
2024-08-01
02 Daniel Gultsch Uploaded new revision
2024-03-20
01 Bron Gondwana Changed consensus to Yes from Unknown
2024-03-20
01 Bron Gondwana Intended Status changed to Proposed Standard from None
2024-03-20
01 Bron Gondwana IETF WG state changed to In WG Last Call from WG Document
2024-03-19
01 Daniel Gultsch New version available: draft-ietf-jmap-webpush-vapid-01.txt
2024-03-19
01 Daniel Gultsch New version accepted (logged-in submitter: Daniel Gultsch)
2024-03-19
01 Daniel Gultsch Uploaded new revision
2024-02-12
00 Bron Gondwana This document now replaces draft-gultsch-jmap-webpush-vapid instead of None
2024-02-12
00 Daniel Gultsch New version available: draft-ietf-jmap-webpush-vapid-00.txt
2024-02-12
00 Bron Gondwana WG -00 approved
2024-02-11
00 Daniel Gultsch Set submitter to "Daniel Gultsch ", replaces to draft-gultsch-jmap-webpush-vapid and sent approval email to group chairs: jmap-chairs@ietf.org
2024-02-11
00 Daniel Gultsch Uploaded new revision