Re: [Captive-portals] Questions about PvD/API

Erik Kline <ek@google.com> Wed, 27 September 2017 06:53 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/captive-portals/6591J05f6_8wZf-65XsM8oVkEw4>

On 31 August 2017 at 22:04, David Bird <dbird@google.com> wrote:
> I will add Vincent's (valid) concern about API/PvD: It requires either
> polling or push (over TCP, which does require keepalive for NAT traversal),
> which means stations likely do not go idle on the network, and, in cases
> where a captive portal is possible, but not probable, UEs still have to
> maintain this API/PvD association if they want to ever get notified.

<no hats>

This is a limitation of the current PvD proposal: it's rather
DHCPv6-like in that it lacks a mechanism to inform either all clients
or even a single client of a change in state.

It would be possible to notify all clients of a change in
non-client-specific PvD information by, for example, including a "pvd
generation number" in RAs.  The "ISP is captive portaling you because
you're infected" case can be handled by any such all-clients
notification scheme (e.g. pvd gen ids).  This is because the
architecture as described disconnects and reconnects the home network
and (I presume) every single device in the home is effectively and
equally captive.

But for individual clients, a push notification system for PvD state
changes is not yet immediately obvious to me.  For the specific case
of notifying captive state changes to clients I'm still hoping we can
use your ICMP portal notification option.
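
An added sketch, not part of the message above or of any PvD draft, of the "pvd generation number" idea: clients re-query the PvD API only when the generation carried in an RA changes, which covers a network-wide captive state change but misses a change that affects a single client. The model and every name in it, including the `pvd_generation` field, are hypothetical.

```python
from dataclasses import dataclass, field

@dataclass
class Network:
    """Constructed model: one shared PvD generation plus per-client captive flags."""
    generation: int = 1
    shared_captive: bool = False
    per_client_captive: dict = field(default_factory=dict)
    api_fetches: int = 0

    def router_advertisement(self):
        # An RA goes to every client, so it can only carry shared state.
        return {"pvd_generation": self.generation}  # hypothetical field

    def set_shared_captive(self, captive):
        self.shared_captive = captive
        self.generation += 1  # every client notices on the next RA

    def set_client_captive(self, client_id, captive):
        self.per_client_captive[client_id] = captive  # generation is not bumped

    def pvd_api(self, client_id):
        self.api_fetches += 1
        return self.shared_captive or self.per_client_captive.get(client_id, False)

class Client:
    def __init__(self, client_id, network):
        self.client_id, self.network = client_id, network
        self.seen_generation = None
        self.believes_captive = None

    def on_ra(self, ra):
        # Query the API only when the advertised generation differs from the cached one.
        if ra["pvd_generation"] != self.seen_generation:
            self.seen_generation = ra["pvd_generation"]
            self.believes_captive = self.network.pvd_api(self.client_id)

def run_scenario():
    net = Network()
    a, b = Client("a", net), Client("b", net)
    def deliver_ra():
        ra = net.router_advertisement()
        a.on_ra(ra)
        b.on_ra(ra)
    for _ in range(11):                  # attach plus ten periodic RAs, no change
        deliver_ra()
    net.set_shared_captive(True)         # whole network becomes captive
    deliver_ra()
    shared_seen = (a.believes_captive, b.believes_captive)
    net.set_shared_captive(False)
    deliver_ra()
    net.set_client_captive("a", True)    # only client "a" becomes captive
    deliver_ra()
    return shared_seen, a.believes_captive, net.api_fetches
```
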