webpush-wg / webpush-vapid

Voluntary application server self-identification for web push
3 stars 2 forks source link

Some minor quibbles and two questions #26

Closed x3ro closed 8 years ago

x3ro commented 8 years ago

Found some minor stuff in the draft, and had two questions (below). If I should send those to the list instead, let me know :)

beverloo commented 8 years ago

The concept of an application server does not define the quantity— it's fine for multiple servers to share a single key. Martin added text allowing additional claims (#25) which further clarifies that it's fine to include more specific information, for example which server created the message, which is useful if the push service has means for dealing with this. (E.g. QoS or analytics.)

I don't recall why that's a MAY. We certainly shouldn't forward unauthorized messages for restricted subscriptions to the user. /cc @martinthomson

The changes themselves look good, thanks! :)

x3ro commented 8 years ago

Thanks for the explanation @beverloo. Should I open an issue regarding the MAY?