What is VAPID and why is it useful?
I've just learned about VAPID recently and have been looking around for the reasoning why it exists and what its purpose is. Mozilla's blog post explains that "including VAPID information will let us contact you if we see a problem", but I'm not exactly sure what they mean by this. Are they doing some sort of monitoring to prevent other people from mimicking your service?
Answer
The abstract of the VAPID specification explains everything:
An application server can voluntarily identify itself to a push service using the described technique. This identification information can be used by the push service to attribute requests that are made by the same application server to a single entity. This can used to reduce the secrecy for push subscription URLs by being able to restrict subscriptions to a specific application server. An application server is further able to include additional information that the operator of a push service can use to contact the operator of the application server.
So there are two reasons for VAPID.
The first is to restrict the validity of a subscription to a specific application server (so, by using VAPID, only your server will be able to send notifications to a subscriber).
The second is to add more information to the push notification, so that the push service operator knows who is sending the notifications. If something is going wrong with your notifications, the operator knows who you are and can contact you. Moreover, they can offer you some kind of interface to monitor your push notifications.