coi-dev / coi-specs Goto Github PK
View Code? Open in Web Editor NEWSpecifications for COI
License: Mozilla Public License 2.0
Specifications for COI
License: Mozilla Public License 2.0
I hope this is the best place to leave feedback for the push spec in its current form; if not let me know where to put it.
This spec looks broadly fine. Given servers may well be implementing both, it would make a lot of sense to align the specification with JMAP where the semantics are the same, specifically:
Align the naming/structure of the subscription object with the JMAP PushSubscription object
Use the same structure for the push verification object; this is a no brainer, given it's the same data. It makes sense to use the same structure as described in section 7.2.2.
Rather than setting the verification code at a separate path, instead update the PushSubscription object with the code (as the "verificationCode" property); if successful, the subscription is now valid (so the presence of this replaces the need for the "validated" property). This method is no better or worse than the current spec, but it does make it align closely with JMAP which seems worthwhile when there is no good reason not to.
Unless tied to a session-based authorisation mechanism (which it almost certainly won't), the server will want to automatically expire push subscriptions after a certain amount of time if the client does not refresh them. This spec seems to be missing that; I suggest adding it. See the "expiry" property on the PushSubscription object in JMAP. (The client refreshes in JMAP by updating this property; I would suggest something similar in IMAP.)
The payload for push notifications is a JSON-formatted subset of the message. JMAP Mail RFC8621 already has a well-defined structure for this, I would again suggest using it, at least for "from", "subject", "receivedAt" (internal date) or "sentAt" (for the date header in the email), and "messageId". What to do for the body ("content") is more interesting. I would suggest "preview" from the JMAP spec, but it looks like you want to be able to send text/html
or something else too. The current specification is underspecified regarding what is meant to be returned here, so more discussion needed at least.
As a general note, the use of hyphens in JSON property names is very unusual. JMAP uses camelCase, so I would recommend using that, although snake_case is also not uncommon.
Presuming you're bringing this to IETF106, I look forward to discussing this further there or on the EXTRA mailing list.
Seems there is a typo? "ammend" should certainly be "amend"
If an client app sync last (n) messages , is better just to refer to the last know message?
The server has full thread info , so could add that info on behalf of the client and capability "ENABLE COI" is enabled ?
pretty unimportant - anyways: the link in the readme to https://coi-dev.org is not working, since a redirect to https://www.coi-dev.org is not working properly:
$ curl -v https://coi-dev.org
* Trying 137.74.127.233:443...
* TCP_NODELAY set
* connect to 137.74.127.233 port 443 failed: Connection refused
* Failed to connect to coi-dev.org port 443: Connection refused
* Closing connection 0
curl: (7) Failed to connect to coi-dev.org port 443: Connection refused
I hope I'm not late to the party, but this definitely looks like a smaller brother of the widely used production-level software package DeltaChat (native clients for Android & iOS, electron app for Windows, *nix, macOS).
How about aligning both projects?
DeltaChat is much much more mature, is well funded with quite large user base and established developer base, so aligning both seems like a good idea.
Hi,
I live the concept of encrypted messaging over Email, but find the execution not good enough to gain adoption.
As I understand, as of today, to establish an encrypted communication, there should be a 2 ways handshake to exchange the PGP keys, as required by the AutoCrypt protocol.
From an usability and privacy point of view, it's not good.
Can't we take inspiration from QUIC and allow 0 RoundTrip Time encrypted messaging ?
https://blog.cloudflare.com/even-faster-connection-establishment-with-quic-0-rtt-resumption/
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.