[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Captive-portals] Review of draft-ietf-capport-rfc7710bis

Thanks for the extra info David,

On Thu, Jul 25, 2019, at 10:10, David Bird wrote:
> However, who would own the API SSL cert? Often times, the "hotspot 
> services company" isn't the owner of the WLAN Controller. Ideally, the 
> venue is buying their own certs and installing them in their own gear.. 
> but, is that what will happen in practice? I could also imagine that 
> hotspot services companies will see the API an extension of their 
> service and want to control it... so, my question is, how will vendors 
> implement this? 

One possibility is to have the device phone home for a globally unique name, and maybe even a certificate (or it could implement an ACME client on its own).  It's a trick that some small devices already use.

I appreciate that this is not a trivial operation, but nor is it massively complex.