Privacy and trustworthiness for web notifications


A nice short article / announcement from the Internet Engineering Task Force (IETF) about the privacy of web notifications. HTTPS (HTTP over TLS) is possibly the most widely used security protocol in existence. HTTPS is a two-party protocol; it involves a single client and a single server. This aspect of the protocol limits the ways in which it can be used.

The recently published RFC 8188 gives protocol designers a new option for building multi-party protocols with HTTPS by defining a standardized format for encrypting HTTP message bodies.

The WebPush protocol (RFC 8030) provides an example of how the encrypted HTTP content coding could be used. The article then goes on to describe the parties in WebPush: a user agent (in most cases this is a Web browser), an application server, and a push service.

You’ll also find links to relevant documentation and papers in the article.


Tags programming web-development infosec