<html>
<head>
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">Heh, even that can be tricky.
Generally, people will get encryption wrong. Plus, the encrypted
data block will (at least ideally) be an indecipherable bunch of
random bytes. That means that the server should not be able to
read it, or confirm that the data was actually encrypted. Sadly,
this means that someone could "encrypt" with ROT13 and the server
couldn't really verify. Then there's the problem of key
distribution, which is an absolute nightmare to do properly.<br>
<br>
The reason that we have version (and I'll be honest, I kinda
fought that for a pretty long time too) is because it's the very
least amount of meaningful data that can be exchanged between two
parties via a third without too many issues. <br>
<br>
I'm not a lawyer, nor do I play one on TV, nor do I even pretend
to understand international law, but I can tell you that various
global government agencies can require networks to provide
anything from data dumps to "pen registry" devices (a device that
records all data exchanges), often under orders to not disclose
the fact that these devices have occurred. For some sites, that's
just the cost of doing business, but also explains why the
paranoid prefer sites like SpiderOak (which does a fantastic job
making damn sure that they can't read your data at all). <br>
<br>
I'll also be honest, for Mozilla, not handling data is VERY cost
effective. Not dealing with data makes things scale amazingly well
for astoundingly little, so we're doubly inclined to make data
"someone else's problem".<br>
<br>
Ultimately, though, our customers are the ones that make the
decision about whether or not Data is worth all this. They've
pretty much said that they want data. We're trying to balance
that within the WebPush protocol, and by making data optional and
disposable within SimplePush. (Again, nothing 100% there, we're
still debating it internally.) It's also possible to do secure
data exchange between parties using zero knowledge key exchanges
via things like JPAKE, but customer acceptance of that sort of
thing can be difficult.<br>
<br>
Still, more brains == better things, so if there's a brilliant, as
yet undiscovered solution out there, it's definitely worth
thinking about.<br>
<br>
On 2014/10/20 7:18 AM, Lukáš Fryč wrote:<br>
</div>
<blockquote
cite="mid:CAEroY355-4ELXi9gbSS2GG302+jHS=3=ikS_Gvy6zKa27hidKA@mail.gmail.com"
type="cite">
<div dir="ltr">You are right, guys, with storing the messages, we
are hitting the security implications that I didn't think about.
<div><br>
</div>
<div>Right now they have to be handled by third-party providers,
but in this case, we would need to encrypt data, pass
certification, etc, that is rather a target for internal
infrastructure than a cloud service.</div>
<div><br>
</div>
<div>We could probably come with an encryption model that would
allow only given SimplePush retrieve the message, involving
client's private key and version number, but question is
whether that is worth the trouble and complexity.</div>
</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On Mon, Oct 20, 2014 at 4:03 PM, jr
conlin <span dir="ltr"><<a moz-do-not-send="true"
href="mailto:jrconlin@gmail.com" target="_blank">jrconlin@gmail.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">FYI,
Officially, the predecessor for SimplePush will be WebPush,<br>
<a moz-do-not-send="true"
href="https://datatracker.ietf.org/wg/webpush/charter/"
target="_blank">https://datatracker.ietf.org/wg/webpush/charter/</a><br>
which runs on top of HTTP2<br>
<a moz-do-not-send="true" href="http://http2.github.io/"
target="_blank">http://http2.github.io/</a><br>
<br>
Unofficially, data is kind of a pain in the patootie, but
obviously<br>
really handy to have. There are security and privacy issues
a-plenty<br>
when dealing with data storage (HIPPA & subpoenas come
to mind in the<br>
US.) Internally, we're kicking around the idea of allowing
data, but not<br>
allowing storage, (so a device would only get data if it was
actively<br>
connected. If it was offline, it would only get the version
number<br>
update when it reconnected).<br>
<br>
I'm also interested in what y'all come up with.<br>
<div class="HOEnZb">
<div class="h5"><br>
On 10/20/2014 4:58 AM, Lukáš Fryč wrote:<br>
> Hey guys,<br>
><br>
> I'm working on a demo of UPS pushing to iOS,
Android, Windows, as well<br>
> as Firefox OS using our Cordova plugin.<br>
><br>
> But as you know, with FFOS it is not that simple -
since SimplePush<br>
> protocol allows to transfer just incremental
versions, we are not able<br>
> to deliver any interesting message.<br>
><br>
> UnifiedPush Server could be a correct place where
we unify and shield<br>
> our users from this limitation:<br>
><br>
><br>
> my idea is storing the message on UPS under the
SimplePush endpoint<br>
> URL. Once the message with version reaches the
client, he would<br>
> contact UPS to retrieve this message under a key (
pushEndpoint,<br>
> version ).<br>
><br>
> The messages could have default built-in TTL to
allow periodic cleanup.<br>
><br>
> What do you think?<br>
><br>
><br>
> Cheers,<br>
><br>
> ~ Lukas<br>
><br>
><br>
</div>
</div>
<div class="HOEnZb">
<div class="h5">>
_______________________________________________<br>
> aerogear-dev mailing list<br>
> <a moz-do-not-send="true"
href="mailto:aerogear-dev@lists.jboss.org">aerogear-dev@lists.jboss.org</a><br>
> <a moz-do-not-send="true"
href="https://lists.jboss.org/mailman/listinfo/aerogear-dev"
target="_blank">https://lists.jboss.org/mailman/listinfo/aerogear-dev</a><br>
<br>
_______________________________________________<br>
aerogear-dev mailing list<br>
<a moz-do-not-send="true"
href="mailto:aerogear-dev@lists.jboss.org">aerogear-dev@lists.jboss.org</a><br>
<a moz-do-not-send="true"
href="https://lists.jboss.org/mailman/listinfo/aerogear-dev"
target="_blank">https://lists.jboss.org/mailman/listinfo/aerogear-dev</a></div>
</div>
</blockquote>
</div>
<br>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
aerogear-dev mailing list
<a class="moz-txt-link-abbreviated" href="mailto:aerogear-dev@lists.jboss.org">aerogear-dev@lists.jboss.org</a>
<a class="moz-txt-link-freetext" href="https://lists.jboss.org/mailman/listinfo/aerogear-dev">https://lists.jboss.org/mailman/listinfo/aerogear-dev</a></pre>
</blockquote>
<br>
</body>
</html>