Message Encryption for Web Push
draft-ietf-webpush-encryption-09
Revision differences
Document history
Date | Rev. | By | Action |
---|---|---|---|
2017-11-28
|
09 | (System) | RFC Editor state changed to AUTH48-DONE from AUTH48 |
2017-11-20
|
09 | (System) | RFC Editor state changed to AUTH48 from RFC-EDITOR |
2017-11-16
|
09 | (System) | RFC Editor state changed to RFC-EDITOR from EDIT |
2017-10-20
|
09 | (System) | RFC Editor state changed to EDIT |
2017-10-20
|
09 | (System) | IESG state changed to RFC Ed Queue from Approved-announcement sent |
2017-10-20
|
09 | (System) | Announcement was received by RFC Editor |
2017-10-19
|
09 | (System) | IANA Action state changed to No IC from In Progress |
2017-10-19
|
09 | (System) | IANA Action state changed to In Progress |
2017-10-19
|
09 | Cindy Morgan | IESG state changed to Approved-announcement sent from Approved-announcement to be sent |
2017-10-19
|
09 | Cindy Morgan | IESG has approved the document |
2017-10-19
|
09 | Cindy Morgan | Closed "Approve" ballot |
2017-10-19
|
09 | Cindy Morgan | Ballot approval text was generated |
2017-10-19
|
09 | Adam Roach | IESG state changed to Approved-announcement to be sent from Approved-announcement to be sent::AD Followup |
2017-09-03
|
09 | (System) | Sub state has been changed to AD Followup from Revised ID Needed |
2017-09-03
|
09 | (System) | IANA Review state changed to Version Changed - Review Needed from IANA OK - No Actions Needed |
2017-09-03
|
09 | Martin Thomson | New version available: draft-ietf-webpush-encryption-09.txt |
2017-09-03
|
09 | (System) | New version approved |
2017-09-03
|
09 | (System) | Request for posting confirmation emailed to previous authors: Martin Thomson |
2017-09-03
|
09 | Martin Thomson | Uploaded new revision |
2017-08-24
|
08 | Jean Mahoney | Closed request for Last Call review by GENART with state 'No Response' |
2017-08-17
|
08 | Cindy Morgan | IESG state changed to Approved-announcement to be sent::Revised I-D Needed from IESG Evaluation |
2017-08-17
|
08 | Alexey Melnikov | [Ballot Position Update] Position for Alexey Melnikov has been changed to Yes from No Objection |
2017-08-15
|
08 | Ben Campbell | [Ballot comment] Just a few minor and editorial comments: Substantive: - 1: "For efficiency reasons, multiple users of Web Push often share a central … [Ballot comment] Just a few minor and editorial comments: Substantive: - 1: "For efficiency reasons, multiple users of Web Push often share a central agent that aggregates push functionality." Is the "central agent" a push server, application server, or something else? Editorial: -1: "Web Push messages are the payload of an HTTP message " - Plural disagreement. -1.1: Please consider using the boilerplate from RFC 8174. -4, first paragraph: s/ "... some of the length..." / "... sum of the length ..." |
2017-08-15
|
08 | Ben Campbell | [Ballot Position Update] New position, Yes, has been recorded for Ben Campbell |
2017-08-15
|
08 | Suresh Krishnan | [Ballot Position Update] New position, No Objection, has been recorded for Suresh Krishnan |
2017-08-15
|
08 | Eric Rescorla | [Ballot comment] Moving to No Objection because my DISCUSS is fixed in: https://github.com/webpush-wg/webpush-encryption/commit/645a04b3b86ffe10322134e27a3d3c5eb5a8b06b Note, I think technically only the UA needs to do point verification … [Ballot comment] Moving to No Objection because my DISCUSS is fixed in: https://github.com/webpush-wg/webpush-encryption/commit/645a04b3b86ffe10322134e27a3d3c5eb5a8b06b Note, I think technically only the UA needs to do point verification if the app generates a fresh key as implied by S 2. It would also be nice to have a cite to how to do the point verification. This text can be stolen from TLS 1.3. S 1. This document describes how messages sent using this protocol can be secured against inspection, modification and falsification by a Push Service. "forgery" is more customary than falsification. S 3.3. key_info = "WebPush: info" || 0x00 || ua_public || as_public You should make clear that the string is not null-terminated. Ugh, I know. S 3.4. You should clearly separate which pieces are defined in this document and which are defined in the HTTP encryption document. |
2017-08-15
|
08 | Eric Rescorla | [Ballot Position Update] Position for Eric Rescorla has been changed to No Objection from Discuss |
2017-08-15
|
08 | Eric Rescorla | [Ballot discuss] Given that you have a static key on the UA, the security considerations should discuss point verification, or why it's not needed. |
2017-08-15
|
08 | Eric Rescorla | [Ballot comment] S 1. This document describes how messages sent using this protocol can be secured against inspection, modification and falsification by a … [Ballot comment] S 1. This document describes how messages sent using this protocol can be secured against inspection, modification and falsification by a Push Service. "forgery" is more customary than falsification. S 3.3. key_info = "WebPush: info" || 0x00 || ua_public || as_public You should make clear that the string is not null-terminated. Ugh, I know. S 3.4. You should clearly separate which pieces are defined in this document and which are defined in the HTTP encryption document. |
2017-08-15
|
08 | Eric Rescorla | [Ballot Position Update] New position, Discuss, has been recorded for Eric Rescorla |
2017-08-15
|
08 | Kathleen Moriarty | [Ballot comment] Thank you for addressing the SecDir review comments. https://mailarchive.ietf.org/arch/msg/secdir/6wE0iKyBOoUHKsWILu7fdTPHsHw |
2017-08-15
|
08 | Kathleen Moriarty | [Ballot Position Update] New position, No Objection, has been recorded for Kathleen Moriarty |
2017-08-15
|
08 | Warren Kumari | [Ballot comment] Firstly, thanks to Tim Chown for his helpful OpsDir review ( https://datatracker.ietf.org/doc/review-ietf-webpush-encryption-08-opsdir-lc-chown-2017-08-01/ ) and for your response. I only have nits on this … [Ballot comment] Firstly, thanks to Tim Chown for his helpful OpsDir review ( https://datatracker.ietf.org/doc/review-ietf-webpush-encryption-08-opsdir-lc-chown-2017-08-01/ ) and for your response. I only have nits on this document: 1: I reviewed this and draft-ietf-webpush-vapid together. This document uses title case for "User Agent" (and many other terms), while draft-ietf-webpush-vapid and RFC8030 uses lower-case. Consistency would be nice here. 2: Section 2: "In addition to the reasons described in [I-D.ietf-webpush-protocol], this ensures that the authentication secret is not revealed to unauthorized entities, which can be used to generate push messages that will be accepted by the User Agent." -- this is ambiguous / confusing. It is unclear which which is which. I'd suggest rewording to something like "... to unauthorized entities, which would allow that entities to generate push messages that would be accepted by the User Agent as valid" (or similar) 3: Section 7. Security Considerations "In particular, any HTTP header fields are not protected by the content encoding scheme." -- I think you may mean "In particular, no HTTP header fields are protected ..." (or similar) |
2017-08-15
|
08 | Warren Kumari | [Ballot Position Update] New position, No Objection, has been recorded for Warren Kumari |
2017-08-15
|
08 | Spencer Dawkins | [Ballot comment] This is really well written and clear. Thank you for that. I found “for efficiency reasons” in this text For efficiency reasons, … [Ballot comment] This is really well written and clear. Thank you for that. I found “for efficiency reasons” in this text For efficiency reasons, multiple users of Web Push often share a central agent that aggregates push functionality. To be so broad that I wasn’t sure what you were telling the reader. Are there any specific efficiencies that you could call out, so that we’d better understand why central agents are used? And if that’s already written down someplace, adding a pointer would be even better. I’m curious about algorithm agility, but I’m not the person to ask that question ... |
2017-08-15
|
08 | Spencer Dawkins | [Ballot Position Update] New position, Yes, has been recorded for Spencer Dawkins |
2017-08-14
|
08 | Deborah Brungard | [Ballot Position Update] New position, No Objection, has been recorded for Deborah Brungard |
2017-08-14
|
08 | Mirja Kühlewind | [Ballot comment] That would have been fixed by the RFC editor but anyway s/[I-D.ietf-webpush-protocol]/[RFC8030]/ |
2017-08-14
|
08 | Mirja Kühlewind | [Ballot Position Update] New position, No Objection, has been recorded for Mirja Kühlewind |
2017-08-14
|
08 | Alexey Melnikov | [Ballot comment] This is a fine document. One nit: 4. Restrictions on Use of "aes128gcm" Content Coding An Application Server MUST encrypt a push … [Ballot comment] This is a fine document. One nit: 4. Restrictions on Use of "aes128gcm" Content Coding An Application Server MUST encrypt a push message with a single record. This allows for a minimal receiver implementation that handles a single record. An application server MUST set the "rs" parameter in the "aes128gcm" content coding header to a size that is greater than the some of the length of the plaintext, the padding s/some/sum ? delimiter (1 octet), any padding, and the authentication tag (16 octets). |
2017-08-14
|
08 | Alexey Melnikov | [Ballot Position Update] New position, No Objection, has been recorded for Alexey Melnikov |
2017-08-01
|
08 | Tim Chown | Request for Last Call review by OPSDIR Completed: Ready. Reviewer: Tim Chown. Sent review to list. |
2017-08-01
|
08 | Adam Roach | IESG state changed to IESG Evaluation from Waiting for Writeup |
2017-08-01
|
08 | Adam Roach | Ballot has been issued |
2017-08-01
|
08 | Adam Roach | [Ballot Position Update] New position, Yes, has been recorded for Adam Roach |
2017-08-01
|
08 | Adam Roach | Created "Approve" ballot |
2017-08-01
|
08 | Adam Roach | Ballot writeup was changed |
2017-08-01
|
08 | (System) | IESG state changed to Waiting for Writeup from In Last Call |
2017-07-31
|
08 | Tero Kivinen | Request for Last Call review by SECDIR Completed: Has Issues. Reviewer: Liang Xia. |
2017-07-17
|
08 | Gunter Van de Velde | Request for Last Call review by OPSDIR is assigned to Tim Chown |
2017-07-17
|
08 | Gunter Van de Velde | Request for Last Call review by OPSDIR is assigned to Tim Chown |
2017-07-14
|
08 | (System) | IANA Review state changed to IANA OK - No Actions Needed from IANA - Review Needed |
2017-07-14
|
08 | Sabrina Tanamal | (Via drafts-lastcall@iana.org): IESG/Authors/WG Chairs: The IANA Services Operator has reviewed draft-ietf-webpush-encryption-08.txt, which is currently in Last Call, and has the following comments: We … (Via drafts-lastcall@iana.org): IESG/Authors/WG Chairs: The IANA Services Operator has reviewed draft-ietf-webpush-encryption-08.txt, which is currently in Last Call, and has the following comments: We understand that this document doesn't require any registry actions. While it's often helpful for a document's IANA Considerations section to remain in place upon publication even if there are no actions, if the authors strongly prefer to remove it, we do not object. If this assessment is not accurate, please respond as soon as possible. Thank you, Sabrina Tanamal IANA Services Specialist PTI |
2017-07-13
|
08 | Tero Kivinen | Request for Last Call review by SECDIR is assigned to Liang Xia |
2017-07-13
|
08 | Tero Kivinen | Request for Last Call review by SECDIR is assigned to Liang Xia |
2017-07-13
|
08 | Jean Mahoney | Request for Last Call review by GENART is assigned to Fernando Gont |
2017-07-13
|
08 | Jean Mahoney | Request for Last Call review by GENART is assigned to Fernando Gont |
2017-07-11
|
08 | Adam Roach | Placed on agenda for telechat - 2017-08-17 |
2017-07-11
|
08 | Amy Vezza | IANA Review state changed to IANA - Review Needed |
2017-07-11
|
08 | Amy Vezza | The following Last Call announcement was sent out: From: The IESG To: IETF-Announce CC: adam@nostrum.com, Phil Sorber , sorber@apache.org, draft-ietf-webpush-encryption@ietf.org, webpush-chairs@ietf.org, … The following Last Call announcement was sent out: From: The IESG To: IETF-Announce CC: adam@nostrum.com, Phil Sorber , sorber@apache.org, draft-ietf-webpush-encryption@ietf.org, webpush-chairs@ietf.org, webpush@ietf.org Reply-To: ietf@ietf.org Sender: Subject: Last Call: (Message Encryption for Web Push) to Proposed Standard The IESG has received a request from the Web-Based Push Notifications WG (webpush) to consider the following document: - 'Message Encryption for Web Push' as Proposed Standard The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the ietf@ietf.org mailing lists by 2017-08-01. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract A message encryption scheme is described for the Web Push protocol. This scheme provides confidentiality and integrity for messages sent from an Application Server to a User Agent. The file can be obtained via https://datatracker.ietf.org/doc/draft-ietf-webpush-encryption/ IESG discussion can be tracked via https://datatracker.ietf.org/doc/draft-ietf-webpush-encryption/ballot/ No IPR declarations have been submitted directly on this I-D. |
2017-07-11
|
08 | Amy Vezza | IESG state changed to In Last Call from Last Call Requested |
2017-07-11
|
08 | Adam Roach | Last call was requested |
2017-07-11
|
08 | Adam Roach | Ballot approval text was generated |
2017-07-11
|
08 | Adam Roach | Ballot writeup was generated |
2017-07-11
|
08 | Adam Roach | IESG state changed to Last Call Requested from AD Evaluation |
2017-07-11
|
08 | Adam Roach | Last call announcement was changed |
2017-07-10
|
08 | Adam Roach | IESG state changed to AD Evaluation from Publication Requested |
2017-06-15
|
08 | Phil Sorber | Matt Miller has a pending review that is editorial in nature. I have submitted this to IESG, but expect a small PR from him soon. |
2017-06-15
|
08 | Phil Sorber | Tag Other - see Comment Log set. |
2017-06-15
|
08 | Phil Sorber | 1. Summary The document shepherd is Phil Sorber. The responsible Area Director is Adam Roach. In this document a message encryption scheme is described for … 1. Summary The document shepherd is Phil Sorber. The responsible Area Director is Adam Roach. In this document a message encryption scheme is described for the Web Push protocol. This scheme provides confidentiality and integrity for messages sent from an Application Server to a User Agent. 2. Review and Consensus The document had consensus in the working group, but there was not a lot of activity. I became chair of the working group after most discussion had concluded, but reading back through the mailing list there did appear to be thoughtful discussion on it. There is an implementation in the works for at least one browser. I reviewed it and only had minor edits. I asked Matt Miller to also do an in-depth review with regard to the cryptographic content of the draft, and he only had editorial comments. I do believe this document is ready for publication. 3. Intellectual Property The author has confirmed conformance with BCP 78/79. There are no IPR disclosures on the document. 4. Other Points There are four normative downrefs. Three are to non-RFC references and one to RFC 5869 which is on the DOWNREF registry. All are cryptography related. Non-RFC normative reference: ref. 'ECDH' Non-RFC normative reference: ref. 'FIPS180-4' Non-RFC normative reference: ref. 'FIPS186' Normative reference to an Informational RFC: RFC 5869 There are no IANA considerations and the author has left a note to the RFC editor to remove that section for publication. |
2017-06-15
|
08 | Phil Sorber | Responsible AD changed to Adam Roach |
2017-06-15
|
08 | Phil Sorber | IETF WG state changed to Submitted to IESG for Publication from WG Consensus: Waiting for Write-Up |
2017-06-15
|
08 | Phil Sorber | IESG state changed to Publication Requested |
2017-06-15
|
08 | Phil Sorber | IESG process started in state Publication Requested |
2017-06-15
|
08 | Phil Sorber | Changed document writeup |
2017-05-13
|
08 | Phil Sorber | IETF WG state changed to WG Consensus: Waiting for Write-Up from WG Document |
2017-05-13
|
08 | Phil Sorber | Changed consensus to Yes from Unknown |
2017-05-13
|
08 | Phil Sorber | Intended Status changed to Proposed Standard from None |
2017-04-25
|
08 | Phil Sorber | Sorry, moved the wrong one, my bad. |
2017-04-25
|
08 | Phil Sorber | IETF WG state changed to WG Document from WG Consensus: Waiting for Write-Up |
2017-04-25
|
08 | Phil Sorber | Notification list changed to Phil Sorber <sorber@apache.org> |
2017-04-25
|
08 | Phil Sorber | Document shepherd changed to Phil Sorber |
2017-04-25
|
08 | Phil Sorber | IETF WG state changed to WG Consensus: Waiting for Write-Up from WG Document |
2017-02-13
|
08 | Martin Thomson | New version available: draft-ietf-webpush-encryption-08.txt |
2017-02-13
|
08 | (System) | New version approved |
2017-02-13
|
08 | (System) | Request for posting confirmation emailed to previous authors: "Martin Thomson" |
2017-02-13
|
08 | Martin Thomson | Uploaded new revision |
2016-12-21
|
07 | Martin Thomson | New version available: draft-ietf-webpush-encryption-07.txt |
2016-12-21
|
07 | (System) | New version approved |
2016-12-21
|
07 | (System) | Request for posting confirmation emailed to previous authors: "Martin Thomson" |
2016-12-21
|
07 | Martin Thomson | Uploaded new revision |
2016-10-31
|
06 | Martin Thomson | New version available: draft-ietf-webpush-encryption-06.txt |
2016-10-31
|
06 | (System) | New version approved |
2016-10-31
|
05 | (System) | Request for posting confirmation emailed to previous authors: "Martin Thomson" |
2016-10-31
|
05 | Martin Thomson | Uploaded new revision |
2016-10-31
|
05 | Martin Thomson | New version available: draft-ietf-webpush-encryption-05.txt |
2016-10-31
|
05 | (System) | New version approved |
2016-10-31
|
04 | (System) | Request for posting confirmation emailed to previous authors: "Martin Thomson" |
2016-10-31
|
04 | Martin Thomson | Uploaded new revision |
2016-10-31
|
04 | (System) | Request for posting confirmation emailed to previous authors: "Martin Thomson" |
2016-10-31
|
04 | Martin Thomson | Uploaded new revision |
2016-10-09
|
04 | Martin Thomson | New version available: draft-ietf-webpush-encryption-04.txt |
2016-10-09
|
04 | (System) | New version approved |
2016-10-09
|
03 | (System) | Request for posting confirmation emailed to previous authors: "Martin Thomson" |
2016-10-09
|
03 | Martin Thomson | Uploaded new revision |
2016-06-29
|
03 | Martin Thomson | New version available: draft-ietf-webpush-encryption-03.txt |
2016-03-20
|
02 | Martin Thomson | New version available: draft-ietf-webpush-encryption-02.txt |
2015-10-19
|
01 | Martin Thomson | New version available: draft-ietf-webpush-encryption-01.txt |
2015-10-16
|
00 | Shida Schubert | This document now replaces draft-thomson-webpush-encryption instead of None |
2015-10-16
|
00 | Martin Thomson | New version available: draft-ietf-webpush-encryption-00.txt |