That would make sense into the Sender request, once we don’t have ways to identify if the data was encrypted or not, something like "--header “protected: true” (always optional). For example:

curl -3 -u "{PushApplicationID}:{MasterSecret}"
   -v -H "Accept: application/json" -H "Content-type: application/json”
   --header “protected: true"
   -X POST

   -d '{
      "variants" : ["c3f0a94f-48de-4b77-a08e-68114460857e", "444939cd-ae63-4ce1-96a4-de74b77e3737" ....],
      "categories" : ["someCategory"],
      "alias" : ["user@account.com", "jay@redhat.org", ....],
      "deviceType" : ["iPad", "AndroidTablet", "web"],

      "message": {"key":"value", "key2":"other value", "alert":"HELLO!"},
      "simple-push": "version=123"
   }'

https://SERVER:PORT/CONTEXT/rest/sender

Does it make sense to you? In the future with the key agreement, that might not be necessary.

--
abstractj

On March 13, 2014 at 9:33:07 AM, Sebastien Blanc (scm.blanc@gmail.com) wrote:
> > Shouldn't there be a flag in the request telling the cert and
> passphrase are encrypted or not ? Or maybe the server can detect
> by itself if it's encrypted or not .

_______________________________________________
aerogear-dev mailing list
aerogear-dev@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/aerogear-dev