Closed felixrindt closed 3 years ago
I feel like I should push back on this one a little bit, but not for the reason you're saying. VAPID is there mostly for Ops folk to have a way to contact the origin if there's a problem, so having something reasonably valid is kind of important. RFC8292 notes that `aud` should be the origin of the push service URL as either a `mailto:` or `https:`.
I took a fairly lazy route on this one, and it's kinda come back to haunt me, so, going to file a proper issue and see about resolving that.
Thanks for explaining! :)
No worries. Thanks for pointing out the issue!
While developing our Django application, we had `admin@localhost` configured as our site contact address, which was automatically used by our webpush lib. While testing, py_vapid errored complaining that the sub claim wasn't there, even though it was. `mailto:admin@localhost` wasn't considered as a valid sub claim. I propose not enforcing having a dot in the regex, so people don't have to get frustrated figuring that out like me.

Although I would understand if you would say that a `localhost` host shouldn't be considered valid in a sub claim. We mitigated by changing our default developing contact address.
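
An added example, not part of the original issue and not py_vapid's own code: a `sub` claim check that reports "missing" and "malformed" as separate errors, with the dot requirement as a switch so the two behaviours discussed in this thread can be compared. The regexes, `check_sub`, `describe` and `SubClaimError` are hypothetical names written for this illustration.

```python
import re

# Hypothetical patterns written for this example; not py_vapid's actual regex.
# STRICT requires a dot in the host part, LENIENT accepts single-label hosts.
STRICT_MAILTO = re.compile(r"^mailto:[^@\s]+@[^@\s.]+(\.[^@\s.]+)+$")
LENIENT_MAILTO = re.compile(r"^mailto:[^@\s]+@[^@\s]+$")
HTTPS_URL = re.compile(r"^https://[^\s/]+(/\S*)?$")


class SubClaimError(ValueError):
    """Raised with a message that says which check failed."""


def check_sub(claims, require_dot=False):
    """Validate the VAPID `sub` claim; 'missing' and 'malformed' are distinct errors."""
    sub = claims.get("sub")
    if not sub:
        raise SubClaimError("missing 'sub' claim")
    if HTTPS_URL.match(sub):
        return sub
    mailto = STRICT_MAILTO if require_dot else LENIENT_MAILTO
    if mailto.match(sub):
        return sub
    hint = " (host part must contain a dot)" if require_dot else ""
    raise SubClaimError(
        f"malformed 'sub' claim {sub!r}: expected mailto: or https: URI" + hint
    )


def describe(claims, require_dot):
    """Return 'ok' or the error text, for side-by-side comparison."""
    try:
        check_sub(claims, require_dot)
        return "ok"
    except SubClaimError as exc:
        return str(exc)


if __name__ == "__main__":
    # Constructed sample claims, not taken from a real deployment.
    samples = [{"sub": "mailto:admin@localhost"}, {"sub": "mailto:admin@example.com"},
               {"sub": "admin@localhost"}, {}]
    for claims in samples:
        print(claims, "| strict:", describe(claims, True),
              "| lenient:", describe(claims, False))
```
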