[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Captive-portals] Use Case: "Carrier Grade Captive Portal"



On 5/31/17, 9:07 PM, "Martin Thomson" <[email protected]> wrote:

    On 1 June 2017 at 08:23, Livingood, Jason <[email protected]> wrote:
    > In any case, this is very much in scope IMO – so agree with others here. With the rise of IoT compromises the need for these sorts of notifications will only rise and will be critical to maintaining the security & integrity of the Internet.
    
    Just trying to understand this.  Jason, can you expand on your
    assertion that insertion of notices in HTTP messages (I assume
    response bodies) is critical to security & integrity?
    
[JL] I am not suggesting that insertion of notices in HTTP messages is the method to use (it just happens to be how we do it today). I’m merely confirming that others share the same use case specified by the German Federal Office for Information Security. FWIW, I presented on this need at the BoF IIRC. The RFC I referred to has some info as well, but it is not the best method which is why I hope that CAPPORT will provide a better alternative. 

[JL] But let me summarize the malware/hacked IoT device use case. A computing device is compromised and being used as part of a DDoS attack (a la the Dyn attack) or sending spam or doing keylogging or whatever. One alternative is to put them in a walled garden with CAPPORT whereby they have no access from any device in the home or, if the network architecture can do it, no access for only that specific device (other devices have unfettered access). The CAPPORT walled garden page would direct the device(s) or user(s) to a page explaining what the malware is and how to remediate, for example. Another alternative is a method to direct a device to a page / deliver a message about this malware issue without otherwise affecting or constraining their Internet access. In this alternative method, the objective is to get a critical security message to the user (e.g. Device X has malware Y and needs to be fixed ASAP) while not affecting things like gaming, OTT voice, OTT video, etc.

Jason