Re: [Captive-portals] Secdir last call review of draft-ietf-capport-rfc7710bis-04

Erik Kline <> Sun, 03 May 2020 21:58 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 5AE093A10EB for <>; Sun, 3 May 2020 14:58:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -9.249
X-Spam-Status: No, score=-9.249 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.249, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_SPF_WL=-7.5] autolearn=no autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id ICR-D0_JkMXc for <>; Sun, 3 May 2020 14:58:43 -0700 (PDT)
Received: from ( [IPv6:2607:f8b0:4864:20::b2e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 808A93A1152 for <>; Sun, 3 May 2020 14:58:42 -0700 (PDT)
Received: by with SMTP id o139so8181212ybc.11 for <>; Sun, 03 May 2020 14:58:42 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=google; h=mime-version:references:in-reply-to:reply-to:from:date:message-id :subject:to:cc; bh=9t8gzhJxrrhcxOVa+fb/TLAdXyOl1P/+ag6qIYP3y7g=; b=YFVXjbwjHGo3U5BY8s1cIet4NQSiiEY70Cpwa7i6N8fNt133siQpN3NrxYmeFjVp9o iWN8g5KoLxFNIjgaLcMJVaI7U/cVqx3Ib5ZNf5vKFEPqAOWmGKAbDGQTObR1lFQqUSUg QVr9nWeJHom7MA5lijtLMnH6AVJd4ESygzZrs=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:reply-to :from:date:message-id:subject:to:cc; bh=9t8gzhJxrrhcxOVa+fb/TLAdXyOl1P/+ag6qIYP3y7g=; b=GVMXbw0IPinX2ljqqpsY9k4gAn44Sv2hW/+QKzkMTWrFBGah1dcWrEdlQoLi8A9Uu6 Np0pUHrthy9fwbwXY2kvClZOT4g6CIiNzQCDjJGFyDSUbn5haFQdYjOyzFp8srfIky1a /DXxxJ/lfjRmiQBSyN37R5gdvgZ5rqVJntGiz2FbfaEWwEKWivP8llrObOb6UDIl0g8o c3LoLx1zJllWWTSZm35BLENnyaDYoOnldVk3xXWX95E92bd1v8MXy8yg0KTabapYGiAR g61mCEnnKcdZA3qeO+hGcI+9P9zotS+sGPqfBqB5n9PnFNeQdDFZ1JbFQ5zKQj6ew8xe ihvA==
X-Gm-Message-State: AGi0PuY/a/7/i43UmQLo3gmq7ggG8yE+bHQA8IzdwVgX+lt57D2P1kTX XcrrNmRtZwjQZ1Y3z9LmEb0NXrScXkU3LMasFFHjsg==
X-Google-Smtp-Source: APiQypLbLRL0R58TFwZTjo4ilAzy6P0+oKKPL43ZXs2wM8Vua5UoqZZdZMcPYaneHWcSdUe06bQ3oA9ERiFLdYTnX48=
X-Received: by 2002:a25:9384:: with SMTP id a4mr2937271ybm.79.1588543121115; Sun, 03 May 2020 14:58:41 -0700 (PDT)
MIME-Version: 1.0
References: <>
In-Reply-To: <>
From: Erik Kline <>
Date: Sun, 3 May 2020 14:58:29 -0700
Message-ID: <>
To: Rifaat Shekh-Yusef <>
Cc:, captive-portals <>,,
Content-Type: multipart/alternative; boundary="0000000000007244f905a4c584e4"
Archived-At: <>
Subject: Re: [Captive-portals] Secdir last call review of draft-ietf-capport-rfc7710bis-04
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussion of issues related to captive portals <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sun, 03 May 2020 21:58:44 -0000


Thanks for your reading of the document.

The security section has a paragraph that begins:

   An attacker with the ability to inject DHCP messages or RAs could
   include an option from this document to force users to contact an
   address of his choosing.  As an attacker with this capability could
   simply list himself as the default gateway (and so intercept all the
   victim's traffic); this does not provide them with significantly more
   capabilities, but because this document removes the need for
   interception, the attacker may have an easier time performing the

Do you have any specific ideas for what text might be added to clarify vis.
your concern?  Would a sentence that captures your "the use of TLS and
presenting the identity in the certificate might not be of much help"
observation suffice?


On Fri, 1 May 2020 at 05:10, Rifaat Shekh-Yusef via Datatracker <> wrote:

> Reviewer: Rifaat Shekh-Yusef
> Review result: Has Issues
> Since the use of IP address literal is not forbidden by this document,
> what if
> an attacker with the ability to inject DHCP messages or RAs uses this
> option
> to force the user to contact an IP address of his choosing? In this case,
> the use
> of TLS and presenting the identity in the certificate might not be of much
> help.
> I think this case should be discussed in the security consideration
> section.