[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Captive-portals] Review of draft-ietf-capport-rfc7710bis
- To: [email protected]
- Subject: Re: [Captive-portals] Review of draft-ietf-capport-rfc7710bis
- From: "Martin Thomson" <[email protected]>
- Date: Mon, 22 Jul 2019 16:48:57 -0400
- Archived-at: <https://mailarchive.ietf.org/arch/msg/captive-portals/BtgeJBHQIkiaa98aCk1V96LLQjQ>
- Authentication-results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=lowentropy.net header.b=gEbSr+kb; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=uTheaw68
- Delivered-to: [email protected]
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lowentropy.net; h=mime-version:message-id:in-reply-to:references:date:from:to :subject:content-type; s=fm2; bh=HJ26mVcfN9T3gmLT9jNbXgmLRqrERPM BUcLxja5GhXs=; b=gEbSr+kbqaMbwWSu3pNc+iksAX8axM964/lKLMviFK0Y8h0 nrhsFrsKWRU4VlTnMAXQr2qw0KeieWVNgEyU1/mpnx2099EBc3HbnhhBioznJxwZ n81rf9sAYk0mm2vCkFjrXK13G9uQ9wHnncGpj3zh6qh3B4Sd1SW+4qQJeFdgUNqk EgZgJYWOl09IKh6UY47fOZQQ92Pv5qzSHnZKYiEGd5YLpow9tsr+Jy25I/IWYRYZ 46/I76BiLQThh0yiL6B7RwFWmM24JYRil4QlzfLXXLV8XKGltXPh/fgaUwSVbNv2 0AZvpepawo9pxzZXOuuP5QtAwXqVVo6CdqhOtjQ==
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm3; bh=HJ26mV cfN9T3gmLT9jNbXgmLRqrERPMBUcLxja5GhXs=; b=uTheaw68ilgQKukRvGhI3A ntshNWIMc6h4h+KKucuROqi/73pK6rJWGF8PqXRW0eIUnJd7t2OtSY8fGcG2b7xO OiSQIgCmmxJLw3VmfhaJq1bMCaI9xvv4YZNEe0ugluGeWyUAqiMoOmvKUaQPFkuk yGh5XeYGJpKVeYqOcdSyCymylkJ9WeRCLiLFAAQ0HPsu9sz+rutZhJTNv24iSrEr XexkgxVUhqCmBz1XDMCMsEslWW79DcT72bnhOLKmEv8OE7JFuMbgWK3LjyEcCSyM usQrYaweQY75I83GvU9h5KF4jh+p+2LnWm5u3Xz/yDPGNMEAyKnGvF/hXQfseFNg ==
- In-reply-to: <[email protected]om>
- List-archive: <https://mailarchive.ietf.org/arch/browse/captive-portals/>
- List-help: <mailto:[email protected]?subject=help>
- List-id: Discussion of issues related to captive portals <captive-portals.ietf.org>
- List-post: <mailto:[email protected]>
- List-subscribe: <https://www.ietf.org/mailman/listinfo/captive-portals>, <mailto:[email protected]?subject=subscribe>
- List-unsubscribe: <https://www.ietf.org/mailman/options/captive-portals>, <mailto:[email protected]?subject=unsubscribe>
- References: <[email protected]om>
- User-agent: Cyrus-JMAP/3.1.6-736-gdfb8e44-fmstable-20190718v2
Thanks for the review Lorenzo.
On Mon, Jul 22, 2019, at 11:17, Lorenzo Colitti wrote:
> 2. I'm surprised that the following text is present. It seems like we
> should disallow IP literals for compatibility with IPv6. But perhaps
> SHOULD is enough here.
> The URI SHOULD NOT contain an IP address literal.
I tend to think that the core goal is that the URI contain a target identity that can be authenticated when accessed over HTTPS.
That generally means that IP literals aren't a good idea, but I wouldn't make this statement. I would instead emphasize that this is an HTTPS URI. Though I would not go into great detail on what that means, I would refer to RFC 7230.
> 3. The section that documents the link relation type should mention
> what should happen if the portal is already open. Should the captive
> portal add this header to probe responses even if the portal is already
> open? if it does not, there is no way for a device to learn the API URL
> if it connects to a portal, logs in, disconnects, and then reconnects,
> because when it reconnects the portal will be open.
Good point. I would be interested in hearing what the working group thinks of this.
To my understanding, this is a problem that exists today. So we may decide not to worry about this particular problem, but just document it. That would make this path less good than other options (like DHCP/RA), but I don't want to encourage networks to intercept EVERY request that passes.