Re: [Captive-portals] practicality of 511 HTTP status code
Dave Dolson <ddolson@sandvine.com> Tue, 27 June 2017 14:56 UTC
Return-Path: <ddolson@sandvine.com>
X-Original-To: captive-portals@ietfa.amsl.com
Delivered-To: captive-portals@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0FC16129B64 for <captive-portals@ietfa.amsl.com>; Tue, 27 Jun 2017 07:56:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id spmApVBHGVUk for <captive-portals@ietfa.amsl.com>; Tue, 27 Jun 2017 07:56:30 -0700 (PDT)
Received: from mail1.sandvine.com (mail1.sandvine.com [64.7.137.165]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CA092129B5D for <captive-portals@ietf.org>; Tue, 27 Jun 2017 07:56:29 -0700 (PDT)
Received: from BLR-EXCHP-2.sandvine.com (192.168.196.172) by WTL-EXCHP-3.sandvine.com (192.168.196.177) with Microsoft SMTP Server (TLS) id 14.3.319.2; Tue, 27 Jun 2017 10:56:28 -0400
Received: from WTL-EXCHP-1.sandvine.com ([fe80::ac6b:cc1e:f2ff:93aa]) by blr-exchp-2.sandvine.com ([::1]) with mapi id 14.03.0319.002; Tue, 27 Jun 2017 10:56:28 -0400
From: Dave Dolson <ddolson@sandvine.com>
To: Mark Nottingham <mnot@mnot.net>
CC: "captive-portals@ietf.org" <captive-portals@ietf.org>
Thread-Topic: [Captive-portals] practicality of 511 HTTP status code
Thread-Index: AQHSxwjSIR4ujCHIEk2JPkRI6Cld3aHpdqUAgAAJPICASYFSsIAAUnSA//++cpCAALY5gIAFT3VA
Date: Tue, 27 Jun 2017 14:56:27 +0000
Message-ID: <E8355113905631478EFF04F5AA706E9870624A0B@wtl-exchp-1.sandvine.com>
References: <CAAedzxrPo+qSBWP23=fpwG0ZzBrdOMgs0gykAxOPSFbojeR79A@mail.gmail.com> <CADo9JyVrO6fcOtYXc=VtrfmhFsYdHY=3t4nM2xLG3CBnzizWJQ@mail.gmail.com> <D2A19ABBC0147C40BFBB83D1CF3E95F03FEB4A22@wtl-exchp-2.sandvine.com> <E8355113905631478EFF04F5AA706E987061F965@wtl-exchp-1.sandvine.com> <6c04ed2c-9d26-eb9d-b4e3-5205845d0fa4@gmx.de> <E8355113905631478EFF04F5AA706E987061FA7F@wtl-exchp-1.sandvine.com> <C1A75CC1-696D-4C9D-BF97-4835BB82DEA3@mnot.net>
In-Reply-To: <C1A75CC1-696D-4C9D-BF97-4835BB82DEA3@mnot.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [192.168.200.114]
x-c2processedorg: b2f06e69-072f-40ee-90c5-80a34e700794
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/captive-portals/CTB7M1IgWKzAjKmyVY_kzBPR93I>
Subject: Re: [Captive-portals] practicality of 511 HTTP status code
X-BeenThere: captive-portals@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Discussion of issues related to captive portals <captive-portals.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/captive-portals>, <mailto:captive-portals-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/captive-portals/>
List-Post: <mailto:captive-portals@ietf.org>
List-Help: <mailto:captive-portals-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/captive-portals>, <mailto:captive-portals-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 27 Jun 2017 14:56:32 -0000
Mark, thanks for the info about 511. But to the working group, I think this discussion about HTTP status codes is a distraction. I think the ICMP approach is a superior solution that doesn't require modification of transport-layer data. Redirection of clear-text HTTP is an existing practice. It will continue for some time; but there is no need to tweak it, since tweaks would not be recognized by existing software anyhow... Redirection of encrypted HTTP should be discouraged. The ICMP notification allows HTTPS traffic (and all other IPv4/6 traffic) to be notified of the captive network. -Dave -----Original Message----- From: Mark Nottingham [mailto:mnot@mnot.net] Sent: Friday, June 23, 2017 9:32 PM To: Dave Dolson Cc: Julian F. Reschke; Vincent van Dam; David Bird; Erik Kline; captive-portals@ietf.org Subject: Re: [Captive-portals] practicality of 511 HTTP status code The idea behind 511 was that it's an explicit signal that the response is NOT from the origin. The payload will be displayed by browsers that don't understand its semantics, and you can use JS or http-equiv redirects if you want to send that user somewhere else. The real value only comes when a) browsers understand its semantics, and b) a payload format is designed to do something interesting with them. Cheers, > On 24 Jun 2017, at 4:53 am, Dave Dolson <ddolson@sandvine.com> wrote: > > Probably all of those codes are used, as well as 200 (with content). > We could debate which is best, but that's a distraction, since we want portals to stop pretending to be the real end-point. > (FWIW, I think 301 is a bad idea, since later requests should try the real URI again.) > > My hypothesis is that 511 is an acceptable thing to send an old (pre-RFC6585) device, when there is no expectation of causing user interaction. > > -Dave > > -----Original Message----- > From: Julian Reschke [mailto:julian.reschke@gmx.de] > Sent: Friday, June 23, 2017 2:34 PM > To: Dave Dolson; Vincent van Dam; David Bird; Erik Kline > Cc: captive-portals@ietf.org > Subject: Re: [Captive-portals] practicality of 511 HTTP status code > > On 2017-06-23 20:11, Dave Dolson wrote: >> It seems 511 is probably better than 30x for non-browser >> requests-clearly an error instead of redirecting to something unexpected. >> >> Is 511 likely to be OK for old IoT devices? Probably a better outcome >> than 307. >> ... > > FWIW, why is *307* desirable in the first place? Wouldn't it be better to use 301/302 or even 303? > > Best regards, Julian > > _______________________________________________ > Captive-portals mailing list > Captive-portals@ietf.org > https://www.ietf.org/mailman/listinfo/captive-portals -- Mark Nottingham https://www.mnot.net/
- [Captive-portals] practicality of 511 HTTP status… Erik Kline
- Re: [Captive-portals] practicality of 511 HTTP st… Vincent van Dam
- Re: [Captive-portals] practicality of 511 HTTP st… David Bird
- Re: [Captive-portals] practicality of 511 HTTP st… Vincent van Dam
- Re: [Captive-portals] practicality of 511 HTTP st… Mark Nottingham
- Re: [Captive-portals] practicality of 511 HTTP st… Erik Kline
- Re: [Captive-portals] practicality of 511 HTTP st… Mark Nottingham
- Re: [Captive-portals] practicality of 511 HTTP st… Dave Dolson
- Re: [Captive-portals] practicality of 511 HTTP st… Julian Reschke
- Re: [Captive-portals] practicality of 511 HTTP st… Dave Dolson
- Re: [Captive-portals] practicality of 511 HTTP st… mariko kobayashi
- Re: [Captive-portals] practicality of 511 HTTP st… Mark Nottingham
- Re: [Captive-portals] practicality of 511 HTTP st… Dave Dolson
- Re: [Captive-portals] practicality of 511 HTTP st… Julian Reschke
- Re: [Captive-portals] practicality of 511 HTTP st… David Bird
- Re: [Captive-portals] practicality of 511 HTTP st… Dave Dolson