[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Captive-portals] Arguments against (any) Capport "API"

To: "captive-portals\@ietf.org" <[email protected]>
Subject: Re: [Captive-portals] Arguments against (any) Capport "API"
From: Michael Richardson <[email protected]>
Date: Thu, 06 Apr 2017 11:20:26 -0400
Archived-at: <https://mailarchive.ietf.org/arch/msg/captive-portals/pObrrl6Os5u5eyALIbaB1toiywI>
Comments: In-reply-to David Bird <[email protected]> message dated "Wed, 05 Apr 2017 14:37:53 -0700."
Delivered-to: [email protected]
In-reply-to: <CADo9JyW47Uiw51w8Bhgvv9D23tPPFa0u8EVH50etB8CsE91PBw@mail.gmail.com>
List-archive: <https://mailarchive.ietf.org/arch/browse/captive-portals/>
List-help: <mailto:[email protected]?subject=help>
List-id: Discussion of issues related to captive portals <captive-portals.ietf.org>
List-post: <mailto:[email protected]>
List-subscribe: <https://www.ietf.org/mailman/listinfo/captive-portals>, <mailto:[email protected]?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/options/captive-portals>, <mailto:[email protected]?subject=unsubscribe>
References: <CADo9JyU2wiEBB4L7ADSybt9se7jCN764JSEoHuGTcuiU_jDscQ@mail.gmail.com> <[email protected]> <CADo9JyVr07w5GRpF+UzSBHRuo=V=3p9MeyhFdzB+5pZk7_amNw@mail.gmail.com> <D76BBBCF97F57144BB5FCF08007244A77059CE49@wtl-exchp-1.sandvine.com> <CADo9JyUnOfXSfXufzSk=QajyG2KXQfKzmQayca1kitRoAuwsqg@mail.gmail.com> <[email protected]> <CADo9JyXPUPLU4aKueT7HxTU1CYfY=HrhqRz0OcCu4z1AivP-hg@mail.gmail.com> <E8355113905631478EFF04F5AA706E9870579488@wtl-exchp-1.sandvine.com> <CADo9JyW47Uiw51w8Bhgvv9D23tPPFa0u8EVH50etB8CsE91PBw@mail.gmail.com>

David Bird <[email protected]> wrote:
    > A note about capport detection evasion: It is not always on purpose...
    > As more hotspots do "social login" applications, they are opening up
    > the walled garden surprisingly wide to get that to work...

I think that within the Android ecosystem (which I know a lot about), that it
should be possible to form an intent from the captive browser to the system
to invoke the appropriate app and return an OAUTH2 token.  This doesn't have
to happen within JS from within the captive browser.  I imagine that iOS
ecosystem can handle something similar, but I believe that it hasn't (yet?) got
Intents that are as flexible.

On a desktop system there are fewer options, but given dbus, and
OSX/microsoft equivalents, I don't see why it couldn't happen.
The "gcalapi" python script nicely asks my browser for an oauth token today.

--
Michael Richardson <[email protected]>, Sandelman Software Works
 -= IPv6 IoT consulting =-

Attachment: signature.asc
Description: PGP signature

References:
- [Captive-portals] Arguments against (any) Capport "API"
  - From: David Bird <[email protected]>
- Re: [Captive-portals] Arguments against (any) Capport "API"
  - From: Mikael Abrahamsson <[email protected]>
- Re: [Captive-portals] Arguments against (any) Capport "API"
  - From: David Bird <[email protected]>
- Re: [Captive-portals] Arguments against (any) Capport "API"
  - From: Kyle Larose <[email protected]>
- Re: [Captive-portals] Arguments against (any) Capport "API"
  - From: David Bird <[email protected]>
- Re: [Captive-portals] Arguments against (any) Capport "API"
  - From: Christian Saunders <[email protected]>
- Re: [Captive-portals] Arguments against (any) Capport "API"
  - From: David Bird <[email protected]>
- Re: [Captive-portals] Arguments against (any) Capport "API"
  - From: Dave Dolson <[email protected]>
- Re: [Captive-portals] Arguments against (any) Capport "API"
  - From: David Bird <[email protected]>

Prev by Date: Re: [Captive-portals] Arguments against (any) Capport "API"
Next by Date: Re: [Captive-portals] Arguments against (any) Capport "API"
Previous by thread: Re: [Captive-portals] Arguments against (any) Capport "API"
Next by thread: Re: [Captive-portals] Arguments against (any) Capport "API"
Index(es):
- Date
- Thread