[Captive-portals] Secdir last call review of draft-ietf-capport-rfc7710bis-04
Rifaat Shekh-Yusef via Datatracker <noreply@ietf.org> Fri, 01 May 2020 12:10 UTC
Return-Path: <noreply@ietf.org>
X-Original-To: captive-portals@ietf.org
Delivered-To: captive-portals@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id EFBE43A1125; Fri, 1 May 2020 05:10:19 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Rifaat Shekh-Yusef via Datatracker <noreply@ietf.org>
To: secdir@ietf.org
Cc: captive-portals@ietf.org, draft-ietf-capport-rfc7710bis.all@ietf.org, last-call@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.128.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <158833501993.21190.4904257765699741589@ietfa.amsl.com>
Reply-To: Rifaat Shekh-Yusef <rifaat.ietf@gmail.com>
Date: Fri, 01 May 2020 05:10:19 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/captive-portals/-HpoBCzx8LlrzU4z9mcrVShWdQs>
Subject: [Captive-portals] Secdir last call review of draft-ietf-capport-rfc7710bis-04
X-BeenThere: captive-portals@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Discussion of issues related to captive portals <captive-portals.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/captive-portals>, <mailto:captive-portals-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/captive-portals/>
List-Post: <mailto:captive-portals@ietf.org>
List-Help: <mailto:captive-portals-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/captive-portals>, <mailto:captive-portals-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 01 May 2020 12:10:20 -0000
Reviewer: Rifaat Shekh-Yusef Review result: Has Issues Since the use of IP address literal is not forbidden by this document, what if an attacker with the ability to inject DHCP messages or RAs uses this option to force the user to contact an IP address of his choosing? In this case, the use of TLS and presenting the identity in the certificate might not be of much help. I think this case should be discussed in the security consideration section.
- [Captive-portals] Secdir last call review of draf… Rifaat Shekh-Yusef via Datatracker
- Re: [Captive-portals] Secdir last call review of … Erik Kline
- Re: [Captive-portals] Secdir last call review of … Martin Thomson
- Re: [Captive-portals] Secdir last call review of … Erik Kline
- Re: [Captive-portals] Fwd: [Last-Call] Secdir las… Benjamin Kaduk
- Re: [Captive-portals] Fwd: [Last-Call] Secdir las… Erik Kline
- Re: [Captive-portals] Fwd: [Last-Call] Secdir las… Erik Kline
- Re: [Captive-portals] Fwd: [Last-Call] Secdir las… Barry Leiba
- Re: [Captive-portals] Fwd: [Last-Call] Secdir las… Erik Kline
- Re: [Captive-portals] Fwd: [Last-Call] Secdir las… Erik Kline
- Re: [Captive-portals] Fwd: [Last-Call] Secdir las… Barry Leiba
- Re: [Captive-portals] Secdir last call review of … Martin Thomson
- Re: [Captive-portals] Secdir last call review of … Rifaat Shekh-Yusef
- Re: [Captive-portals] Secdir last call review of … Martin Thomson
- Re: [Captive-portals] Secdir last call review of … Rifaat Shekh-Yusef
- Re: [Captive-portals] Secdir last call review of … Erik Kline
- Re: [Captive-portals] Secdir last call review of … Rifaat Shekh-Yusef
- Re: [Captive-portals] Secdir last call review of … Tommy Pauly
- Re: [Captive-portals] Secdir last call review of … Rifaat Shekh-Yusef
- Re: [Captive-portals] Secdir last call review of … Erik Kline
- Re: [Captive-portals] Secdir last call review of … Rifaat Shekh-Yusef