Re: [Captive-portals] practicality of 511 HTTP status code

To: Julian Reschke <[email protected]>

Subject: Re: [Captive-portals] practicality of 511 HTTP status code

From: David Bird <[email protected]>

Date: Tue, 27 Jun 2017 09:12:20 -0700

Archived-at: <https://mailarchive.ietf.org/arch/msg/captive-portals/mQVEejYJpP8smFX1rUho5GqGly0>

Authentication-results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com

Cc: Dave Dolson <[email protected]>, Mark Nottingham <[email protected]>, "[email protected]" <[email protected]>

Delivered-to: [email protected]

Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=cLv3OSZGy5LdaYM1yrMBIQd3953QrrsuM64FqKgFS9E=; b=s/D25+sLZmC+8t/qzxHy09p+GD+fvE75oWaqUFGY7vGx1JzqAnMXwYa5gBM8JIuseh ikRg3uqjQrapTdoc4puvAOSPNeekJWaQlPkY6Bwq8v33N6MFjTMDzNOnXkvPSJrhex4e LgHpymPD0FCqDvbdiXdkHTj1D3sp7gbIVKAQFWHpe453phaPXqLLd43jvNaTdvlr3lut CR75Clu68OBOXo6ZnhLPV5xuC1nVuPyVRMc3+kToFqWMqQyiZWE2wlJFTI9FquEHhK3I T6FtkKmHv3GfET+kCs5Xl7yPK2YXN0aHDoaXVXQSNImGu6Jul9goPIkkGEgA771ertGm 3+oQ==

In-reply-to: <[email protected]>

List-archive: <https://mailarchive.ietf.org/arch/browse/captive-portals/>

List-help: <mailto:[email protected]?subject=help>

List-id: Discussion of issues related to captive portals <captive-portals.ietf.org>

List-post: <mailto:[email protected]>

List-subscribe: <https://www.ietf.org/mailman/listinfo/captive-portals>, <mailto:[email protected]?subject=subscribe>

List-unsubscribe: <https://www.ietf.org/mailman/options/captive-portals>, <mailto:[email protected]?subject=unsubscribe>

References: <CAAedzxrPo+qSBWP23=fpwG0ZzBrdOMgs0gykAxOPSFbojeR79A@mail.gmail.com> <CADo9JyVrO6fcOtYXc=VtrfmhFsYdHY=3t4nM2xLG3CBnzizWJQ@mail.gmail.com> <D2A19ABBC0147C40BFBB83D1CF3E95F03FEB4A22@wtl-exchp-2.sandvine.com> <E8355113905631478EFF04F5AA706E987061F965@wtl-exchp-1.sandvine.com> <[email protected]> <E8355113905631478EFF04F5AA706E987061FA7F@wtl-exchp-1.sandvine.com> <[email protected]> <E8355113905631478EFF04F5AA706E9870624A0B@wtl-exchp-1.sandvine.com> <[email protected]>

On Tue, Jun 27, 2017 at 8:55 AM, Julian Reschke <[email protected]> wrote:

On 2017-06-27 16:56, Dave Dolson wrote:

Mark, thanks for the info about 511.

But to the working group, I think this discussion about HTTP status codes is a distraction.

I think the ICMP approach is a superior solution that doesn't require modification of transport-layer data.

Redirection of clear-text HTTP is an existing practice. It will continue for some time;

Yes.

but there is no need to tweak it, since tweaks would not be recognized by existing software anyhow...

Existing software == browsers? They should be totally OK with 511. Do you have evidence to the contrary?

...

It would be interesting to have a review of browsers and how they handle 511. Most browsers are probably "OK" with 511, but how about the venue? That would depend on if the user experience is broken, or not as desirable. A venue/operator could just use _javascript_ to redirect (if the sandboxed browser environment allows it) as suggested, but assuming the browser didn't otherwise 'break' the UX, how is that different from a 30X redirect? Sure, some headless Apps making API calls might be 'broken' with unexpected results, but do we care? Those developers should use TLS, not follow redirects, and write robust software with exception handling..