[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Captive-portals] Use Case: "Carrier Grade Captive Portal"

To: Gunther Nitzsche <[email protected]>
Subject: Re: [Captive-portals] Use Case: "Carrier Grade Captive Portal"
From: David Bird <[email protected]>
Date: Thu, 18 May 2017 06:04:00 -0700
Archived-at: <https://mailarchive.ietf.org/arch/msg/captive-portals/f5Gzqms68B_5SIa9pIr8QKuXLcQ>
Authentication-results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Cc: Heiko Folkerts <[email protected]>, "Herzig, Willi" <[email protected]>, [email protected]
Delivered-to: [email protected]
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=ycszvtzGCnge8WvpVl1HlCEmY6+3R9rr3fZyO2MWU5Y=; b=hBYNzA075FOL1HnWY2/ENvED3Dxhnp3HYNkC98CGF7JnD8eZc72DN3sAO7qEAFmoKu wAQ0qwwUi/p+ZZKnd8VTbHJcexIeh/dIyOtivJoQkocs0ebSlunlLQIZckXg0ymEISyz 9PfOr5y61CACCqF7wS2LySg2QttxDAgdoPQum2Z2Y+nFmQjdtxO3B6vQTuZjafDH86Vz Fo2Qk98gDnmpSipfDsZs2cAQVJ83T4lX+VW2EqgfeB5RMM3hngQ4mNms/wiuDdcCfqVh DwjMvHUsLMrD5pwIgCsxL+VgXB6xvHEwr0+Re8lW4XytHn7cggsAlsqEhbH/S8G88/V8 HdCA==
In-reply-to: <[email protected]>
List-archive: <https://mailarchive.ietf.org/arch/browse/captive-portals/>
List-help: <mailto:[email protected]?subject=help>
List-id: Discussion of issues related to captive portals <captive-portals.ietf.org>
List-post: <mailto:[email protected]>
List-subscribe: <https://www.ietf.org/mailman/listinfo/captive-portals>, <mailto:[email protected]?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/options/captive-portals>, <mailto:[email protected]?subject=unsubscribe>
References: <[email protected]> <[email protected]> <CADo9JyVdkzrtWE6RMt3CVYCkHrdB=+LKA9eDazN8Xf+R=Vza_Q@mail.gmail.com> <[email protected]>

while I support the opinion to stop breaking/redirecting https and do
proper signaling with icmp instead,
I do not see working setups in real world scenarios without sending a
http-status code leading
to specific browser's behaviour (outside of the mobile world). Otherwise
the customer is left alone with a
browser showing an error page.

(If there would be a possibility to trigger a webpage with a
capportdetection - icmp unreachable message,
that would be great.. any hints welcome. Very well possible that I just
overlooked something..)

In my opinion, there already exists an HTTP status code that leads to specific browser behavior (redirecting to captive portal). The problem is that even with HTTP (over TLS), this falls apart (without doing 443 hijacking). We could perhaps define something for HTTPS, but are we then going to make every protocol "captive portal" compliant? Hence the reason to use ICMP - it will work with any protocol.

References:
- [Captive-portals] Use Case: "Carrier Grade Captive Portal"
  - From: Heiko Folkerts <[email protected]>
- Re: [Captive-portals] Use Case: "Carrier Grade Captive Portal"
  - From: Gunther Nitzsche <[email protected]>
- Re: [Captive-portals] Use Case: "Carrier Grade Captive Portal"
  - From: David Bird <[email protected]>
- Re: [Captive-portals] Use Case: "Carrier Grade Captive Portal"
  - From: Gunther Nitzsche <[email protected]>

Prev by Date: Re: [Captive-portals] Use Case: "Carrier Grade Captive Portal"
Next by Date: Re: [Captive-portals] Use Case: "Carrier Grade Captive Portal"
Previous by thread: Re: [Captive-portals] Use Case: "Carrier Grade Captive Portal"
Next by thread: Re: [Captive-portals] Use Case: "Carrier Grade Captive Portal"
Index(es):
- Date
- Thread