[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Captive-portals] A new draft / idea - draft-wkumari-capport-icmp-unreach

David Bird <[email protected]> wrote:
    > necessary information (like client MAC address, IP address, etc) to
    > format the CP URL that otherwise would have been in a 302 redirect. so,
    > the CP web application can, and should, be using HTTPS.

I don't know how it can use HTTPS given current certificate options.

The only identity that the CP has that the client can verify is it's MAC
address, and that's not currently an option for certificates. (I've argued
that it should be: iLOMs and other (home) appliances have the same problem)

After the 302 redirect, I can see how it could be a redirect *to* a https URL.

Michael Richardson <[email protected]>, Sandelman Software Works
 -= IPv6 IoT consulting =-

Attachment: signature.asc
Description: PGP signature