[Captive-portals] Martin Duke's Discuss on draft-ietf-capport-api-07: (with DISCUSS and COMMENT)

Martin Duke via Datatracker <noreply@ietf.org> Sat, 06 June 2020 21:49 UTC

Return-Path: <noreply@ietf.org>
X-Original-To: captive-portals@ietf.org
Delivered-To: captive-portals@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 36EBB3A0D85; Sat, 6 Jun 2020 14:49:19 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: Martin Duke via Datatracker <noreply@ietf.org>
To: "The IESG" <iesg@ietf.org>
Cc: draft-ietf-capport-api@ietf.org, capport-chairs@ietf.org, captive-portals@ietf.org, Martin Thomson <mt@lowentropy.net>, mt@lowentropy.net
X-Test-IDTracker: no
X-IETF-IDTracker: 7.1.0
Auto-Submitted: auto-generated
Precedence: bulk
Reply-To: Martin Duke <martin.h.duke@gmail.com>
Message-ID: <159148015875.11480.2779938750447142779@ietfa.amsl.com>
Date: Sat, 06 Jun 2020 14:49:19 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/captive-portals/3Zfwt92E98NxRmsTvGe5l7DuLNY>
Subject: [Captive-portals] Martin Duke's Discuss on draft-ietf-capport-api-07: (with DISCUSS and COMMENT)
X-BeenThere: captive-portals@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Discussion of issues related to captive portals <captive-portals.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/captive-portals>, <mailto:captive-portals-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/captive-portals/>
List-Post: <mailto:captive-portals@ietf.org>
List-Help: <mailto:captive-portals-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/captive-portals>, <mailto:captive-portals-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 06 Jun 2020 21:49:19 -0000

Martin Duke has entered the following ballot position for
draft-ietf-capport-api-07: Discuss

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)


Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.


The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-capport-api/



----------------------------------------------------------------------
DISCUSS:
----------------------------------------------------------------------

Unless I am misinterpreting the language here, there is a disconnect between
this document and the architecture document.

Sec 2.3 of -architecture says:
At minimum, the API MUST provide: (1) the state of captivity and (2) a URI for
the Captive Portal Server.

But in section 5 user-portal-url is an optional field. Is -architecture
actually levying a requirement on the api spec, or the api server?

I am also confused by this sentence at the end of section 4.1 about failed
authentication: “It may still be possible for the user to access the network by
being redirected to a web portal.”

Who is doing the redirecting here? If authentication has failed, how is this
redirect authenticated and secure against theft of credentials?


----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

This document is otherwise clearly written. Thanks.

As I said in the architecture review, the term for the user portal keeps
changing. Over there it’s called a “Captive Portal Server” and a “web portal
server”. Here it’s a “user-portal.”

One nit:
s/extenal/external