{"draft":"draft-ietf-webpush-vapid-04","doc_id":"RFC8292","title":"Voluntary Application Server Identification (VAPID) for Web Push","authors":["M. Thomson","P. Beverloo"],"format":["ASCII","HTML"],"page_count":"14","pub_status":"PROPOSED STANDARD","status":"PROPOSED STANDARD","source":"Web-Based Push Notifications","abstract":"An application server can use the Voluntary Application Server\r\nIdentification (VAPID) method described in this document to\r\nvoluntarily identify itself to a push service.  The \"vapid\"\r\nauthentication scheme allows a client to include its identity in a\r\nsigned token with requests that it makes.  The signature can be used\r\nby the push service to attribute requests that are made by the same\r\napplication server to a single entity.  The identification\r\ninformation can allow the operator of a push service to contact the\r\noperator of the application server.  The signature can be used to\r\nrestrict the use of a push message subscription to a single\r\napplication server.","pub_date":"November 2017","keywords":["authentication","restricted","restriction","signature"],"obsoletes":[],"obsoleted_by":[],"updates":[],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC8292","errata_url":null}