I can't make it to the meeting, but I have some random comments about RFC 7710 - from discussions I've had with people.
1) The API shouldn't be where the UE learns about the captive portal URL (it isn't a solution to the problem of "how does every UE get their unique URL to the portal?" as you still need to get UEs uniquely identified by the API as well).
2) We can't assume all network infrastructures have the option of making a unique URL in each DHCP responses.
3) Because of the above, we can't assume the URL will be using HTTPS from the start. (Because, using http for the RFC 7710 URL would allow for the network to redirect thereby uniquely formatting the URL per UE like it does today).
Re-reading the security considerations - in light of the fact that this WG has largely rejected ICMP for 'notification' because of perceived security concerns, and how the API is still bootstrapped by RFC 7710 (which uses ICMPv6 for 'configuration') - the following statement stands out: because this document removes the need for interception, the attacker may have an easier time performing the attack. :)