Re: [Captive-portals] Use Case: "Carrier Grade Captive Portal"

Erik Kline <ek@google.com> Mon, 12 June 2017 06:17 UTC

From: Erik Kline <ek@google.com>
Date: Mon, 12 Jun 2017 15:17:18 +0900
Message-ID: <CAAedzxoZkuauME8n3B3aZqE1rra8p2hB9rGJLqoYyVi8usnx+g@mail.gmail.com>
To: Gunther Nitzsche <gnitzsche@netcologne.de>, Mark Townsley <townsley@cisco.com>
Cc: "Livingood, Jason" <Jason_Livingood@comcast.com>, Martin Thomson <martin.thomson@gmail.com>, Heiko Folkerts <heiko.folkerts@bsi.bund.de>, "captive-portals@ietf.org" <captive-portals@ietf.org>, "Herzig, Willi" <willi.herzig@bsi.bund.de>, Warren Kumari <warren@kumari.net>, Dave Dolson <ddolson@sandvine.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/captive-portals/-sBHdRItt5A3ROxuvKOjo-YuuM8>

>
> (the 511 error page does not seem to be the worst variant.. if the user
> sees an error in the browser
> then the next reload puts him to the correct walled garden page)
>

Some observations, and questions for the working group.

I'm not sure we have enough input on whether 511 is useful or not.  There
seemed to be some suggestion it would help, and some that it wouldn't.
Perhaps one question we could ask is whether it's harmful?  And if we agree
it's not harmful, is it worth developing some recommendations for its use?

As for the ICMP unreachable option, I certainly don't think it would be
harmful (with the extra URL bits removed for now).  Is that something we
wish to progress?

Given that we're probably looking at a portal detection method based on
entirely new work, it seems to me we're free to look at new things like
utilizing the PVD detection scheme (DNS queries for "provisioning domain
names", followed by other interaction still TBD).  Have the portal
implementors reviewed this and given consideration as to whether it's
useful?  (I think of the discovery of the portal and subsequent interaction
with it as 2 separate processes conducted, obviously, in serial.)

Thoughts?