[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Captive-portals] Fixing RFC 7710

To: Ólafur Guðmundsson <[email protected]>
Subject: Re: [Captive-portals] Fixing RFC 7710
From: Martin Thomson <[email protected]>
Date: Mon, 5 Mar 2018 09:46:34 +1100
Archived-at: <https://mailarchive.ietf.org/arch/msg/captive-portals/bMJwc2sZ0bLZpniC23ezIsnQ1dQ>
Authentication-results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Cc: [email protected], Warren Kumari <[email protected]>, Paul Ebersman <[email protected]>, Steve Sheng <[email protected]>
Delivered-to: [email protected]
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=R3+WkaWV5h2Fd9P9+iElEEsimLrr3uT3Xtp5ofO5vUw=; b=gVUbwwlI0mKVXQe8W3XVI8R+P9DPw4EsJH0EOyCtYW5k80c7VVLj/6zbXmTi3VNwvv fR/wKgDgQBoGfJw59dnEycleyZq71Ap4QcCWnaugix+cyi0Ihhe4R+wh+yjDBA1tZdrt CyP+xECs5gpzqVAapf0vggTGkhyD7FhPQiwBse8zTJRRYUPePP8d2xbuZi6GYRbd+ZZN XZIpyqYL2k7Fnm45FcDVWyqSlZu8QCZsp2BfjwCHDkjbckwjLG0ehJ/O2pBe+y2Etcjq M7WaysaRZ8eAkHUPPmAUPTyDJhtEqxO8vx27on3rO6V31e7gU8UkkJEE0OU75tqY7H0/ 1C8A==
In-reply-to: <CAN6NTqys4p_nQq=by0xkAtEGBj4Smzk0URK1EmisFK8_TLRRSQ@mail.gmail.com>
List-archive: <https://mailarchive.ietf.org/arch/browse/captive-portals/>
List-help: <mailto:[email protected]?subject=help>
List-id: Discussion of issues related to captive portals <captive-portals.ietf.org>
List-post: <mailto:[email protected]>
List-subscribe: <https://www.ietf.org/mailman/listinfo/captive-portals>, <mailto:[email protected]?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/options/captive-portals>, <mailto:[email protected]?subject=unsubscribe>
References: <CABkgnnWJMipRtG-p0EoUXmK3u1c2ab-v4xN3WZfm3XL8s08aZA@mail.gmail.com> <CAN6NTqys4p_nQq=by0xkAtEGBj4Smzk0URK1EmisFK8_TLRRSQ@mail.gmail.com>

On Sat, Mar 3, 2018 at 8:58 AM, Ólafur Guðmundsson
<[email protected]> wrote:
> Fixing or make RFC7710 more useful ?

Both, I hope.

Thanks for your reply.

>> Erik and I would like to propose a plan for that work.  We would keep
>> this to addressing the issues that we have identified thus far.
>> Namely:
>>
>> 1. The purpose of the URI is not well defined.  We would reference the
>> capport architecture and API documents for that.  The group would need
>> to decide between:
>>   a. point to the API
>>   b. point to a login page
>>
>
> Our (or at least my thought) was in the beginning,
> just send the device to the location of the portal, as I hate having
> connections intercepted.
> Then the USER could just see that page and decide what to do.

I think that the idea is this:

If the URI is the special one, then the process is done and the
network good to use.
If the URI is special, find the API and check status.  If the portal
says OK, then the network is good to use.
If the API returns captive, open the login page in a browser.

We don't have any more automation than this, but you will observe that
there isn't any probing.  The network can make a clear statement
quickly an unambiguously about access.  If the situation is more
complex (as we have seen that it often is, then it can use the login
page to convey that additional information).

References:
- [Captive-portals] Fixing RFC 7710
  - From: Martin Thomson <[email protected]>
- Re: [Captive-portals] Fixing RFC 7710
  - From: Ólafur Guðmundsson <[email protected]>

Prev by Date: [Captive-portals] Which portion of packet is used for capport enforcement?
Next by Date: Re: [Captive-portals] Fixing RFC 7710
Previous by thread: Re: [Captive-portals] Fixing RFC 7710
Next by thread: Re: [Captive-portals] Fixing RFC 7710
Index(es):
- Date
- Thread