IETF Logo Mail Archive

Re: [Captive-portals] time-based walled gardens

Erik Kline <ek@google.com> Wed, 22 August 2018 02:53 UTC

Return-Path: <ek@google.com>
X-Original-To: captive-portals@ietfa.amsl.com
Delivered-To: captive-portals@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BE2B7130E07 for <captive-portals@ietfa.amsl.com>; Tue, 21 Aug 2018 19:53:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -17.511
X-Spam-Level:
X-Spam-Status: No, score=-17.511 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, ENV_AND_HDR_SPF_MATCH=-0.5, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, T_DKIMWL_WL_MED=-0.01, USER_IN_DEF_DKIM_WL=-7.5, USER_IN_DEF_SPF_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Nfsr7dVnUO4K for <captive-portals@ietfa.amsl.com>; Tue, 21 Aug 2018 19:53:46 -0700 (PDT)
Received: from mail-wr1-x431.google.com (mail-wr1-x431.google.com [IPv6:2a00:1450:4864:20::431]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1BAD1130DE2 for <captive-portals@ietf.org>; Tue, 21 Aug 2018 19:53:44 -0700 (PDT)
Received: by mail-wr1-x431.google.com with SMTP id o37-v6so322595wrf.6 for <captive-portals@ietf.org>; Tue, 21 Aug 2018 19:53:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=M7+vdU8aL859PzZhqAv5zwSxl6wllwJX5eDWgRefriY=; b=TbTwNhHfi9Qv/2/KF4Cg4gGqPdnyEqXnNdsEFAAtDyOxxmxN6yxDwFb74lRQBJ55S3 fP24TtSrPBX3UUa17RCB2Xq0twsaev3nGF1QE8fW2CV+ARydPV8Repi6dAvuEJQxjJRo 2cYk2d1+Nw7Lgma5CtiEhSY6DhPuNA5JEDRxrZtHPa0Qy0zzuemoXr/X7Cbml6CI9jaF fBoRMreCCBZzySfKXAUy2cgtiGA/XIEZ4BDmd4mIsZSq4NA2Zp21DBfe642PP5j/aguM a08zivuV5w97umQ/ofepWFlG0Msfx2QXtjNQ9wIlWjaEIUZL4FvippWNkZ1xREn221Xp mefg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=M7+vdU8aL859PzZhqAv5zwSxl6wllwJX5eDWgRefriY=; b=oJ//sVZr9snfnjuQUmUl7w3yEg89A27YvmmnWy8iMXhzpvSKK3Bq6nlzQY3qyc/IsN gfmWZO+W0H3kMfpHB5CeaOFbF+7jn9ADRT5l9DEeX9+ZiVKg6jAZTGVQfs0t2vIyxphT Edv3GbE48u+4vIkRtaWrmXXVAKyJr25dmULB0K+iMrxMekv2vB/3q4nOP5aLp+WXOnnj 7wGZkPYWiXcdhUnuDJBRhogOPBkV6gIwwIEYAcsf5Es/U39N+7QIMiKXyem4PANHOf5V 4tG+bxiIKV0kl8OTNfF0ZfHzGFO6Flo+65s9ff1fzKvBmE0E5SkjftsUeEaFdwtZABay WPEg==
X-Gm-Message-State: AOUpUlElssPi8ujyr2zY+MTPP7QnPPslaBAH6eyKYg8LxUPAM93VFQef VAY6XpVXG60+mUKEe8gUeOH8V3X6uFum8dvAZpVQvrgX
X-Google-Smtp-Source: AA+uWPzP9DvWJiowBxfxpALt5hzsV7APqm/59qpAy3PUV2xoOjlVB1xDqV36Get0OAAF9E/Clm+Q6cnDdtVTGAlQoy8=
X-Received: by 2002:adf:b1db:: with SMTP id r27-v6mr16729078wra.95.1534906422211; Tue, 21 Aug 2018 19:53:42 -0700 (PDT)
MIME-Version: 1.0
References: <CADo9JyU2wiEBB4L7ADSybt9se7jCN764JSEoHuGTcuiU_jDscQ@mail.gmail.com> <CAAedzxqR5bWTP_gou+hC5cgQ99tV275nX_ijm7iUok4-h+3wMQ@mail.gmail.com> <CADo9JyVfmhir8YtOR2mzzaaPL_9mBKgFmht6-SA50SfPmh9z6w@mail.gmail.com> <CAAedzxrck9+TBpEp-x8_tG-oxxKh4MQ4-x+iuGNGd6JsG=poQQ@mail.gmail.com> <CADo9JyUKb_c6SPigjUqngUyPvDsbN10TLZX0+B9r92xm6XGgAA@mail.gmail.com> <27524.1491594871@dooku.sandelman.ca> <CAAedzxo3Gp9ZhLeujZBC0vn9GO=+xHxkAstisoUAX1BCTEtYvQ@mail.gmail.com> <CADo9JyUr2rpZBjz5zMrrUmi8+gR9VGxBFhMLGVqFGYiWsOic6w@mail.gmail.com> <23307.1491830383@obiwan.sandelman.ca> <alpine.DEB.2.02.1704101549180.27978@uplift.swm.pp.se> <CADo9JyX6CzoxyxnGWq+sP+PM20DQUxYxvyqpHkDTJCWYUi99dg@mail.gmail.com> <alpine.DEB.2.02.1704101654550.27978@uplift.swm.pp.se> <CADo9JyW+PZEmSVg6oS5Pw2zPOr7rAeKAVy6QUtvVbgTkdVPqQg@mail.gmail.com> <alpine.DEB.2.02.1704101753350.27978@uplift.swm.pp.se> <6C4A44B4-8FA9-4696-969C-2749888CED08@mnot.net> <CADo9JyUk5mkism_u_hODOTocfWvPTPr4j6neCmD7gyHTEenTog@mail.gmail.com> <638D6238-023A-4FBA-B35E-B3FED90C271C@mnot.net> <CADo9JyV+hPg++kSqAAw-rKJF_gtoW123zrb8NmM1VGC+HF45YQ@mail.gmail.com> <CACuvLgy1_ODLjnFQ7jnrrE0werZgoi2Te5Kz3ah4Q6xM-3uNuw@mail.gmail.com>
In-Reply-To: <CACuvLgy1_ODLjnFQ7jnrrE0werZgoi2Te5Kz3ah4Q6xM-3uNuw@mail.gmail.com>
From: Erik Kline <ek@google.com>
Date: Wed, 22 Aug 2018 11:53:29 +0900
Message-ID: <CAAedzxoCCnJJY-vOPgEhisTN225Fsdt11aMvCzgVqxvdDoD_LA@mail.gmail.com>
To: kyle@agilicus.com
Cc: dbird=40google.com@dmarc.ietf.org, Mark Nottingham <mnot@mnot.net>, captive-portals@ietf.org, Martin Thomson <martin.thomson@gmail.com>, Mikael Abrahamsson <swmike@swm.pp.se>
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg="sha-256"; boundary="0000000000001766530573fd40a3"
Archived-At: <https://mailarchive.ietf.org/arch/msg/captive-portals/JQ3K2pAfK_Ay4dizLePNVYpPXmc>
Subject: Re: [Captive-portals] time-based walled gardens
X-BeenThere: captive-portals@ietf.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: Discussion of issues related to captive portals <captive-portals.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/captive-portals>, <mailto:captive-portals-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/captive-portals/>
List-Post: <mailto:captive-portals@ietf.org>
List-Help: <mailto:captive-portals-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/captive-portals>, <mailto:captive-portals-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 22 Aug 2018 02:53:49 -0000

On Thu, 26 Jul 2018 at 00:43, Kyle Larose <kyle@agilicus.com> wrote:
>
> Hi David,
>
> [snip]
>
> On 25 July 2018 at 08:59, David Bird <dbird=40google.com@dmarc.ietf.org> wrote:
>>
>> Hi Mark,
>>
>>>
>>> > What is concerning with the API and direction of the WG, is that we are defining a new form of captivity … “self enforced”. Which will lead to the UEs doing probing to “confirm” the API captivity matches the Network captivity. Networks with API captivity can even be put on top of previously Open WiFi networks (that have no Network captivity). This is new - even if the UE allows the user to ignore the API captivity.
>>> >
>>> > Having written the problem statement, what are your thoughts on the direction today?
>>>
>>> I have lots of questions about how it's going to play out, but at first glance it looks interesting -- if only because it provides a way for some portals to be less intrusive on the network. For non-financial cases (e.g., T&Cs, ads), it *might* be enough to deploy a captive portal without any blocking. One could argue that it might encourage increased deployment, but *if* it works out, the less intrusive nature might balance that out.
>>>
>>
>> Networking putting the "API captivity" on networks without any real network captive portal might sound like an improvement, but I think it will not play out that way...
>>
>> For starters, not all networks *can* do that (legal requirements, etc). And, as networks do deploy it on open networks, users (and UEs) will just be trained to ignore it - "skip the portal" button. However, the user/UE will also experience networks that have network captivity even after skipping the "API captivity"... and we are back to where we started... probing, https redirecting, and UEs guessing.
>>
>>
>
>
> I just want to confirm: you're saying that nobody would actually deploy a bogus API on a network without real captivity because people would simply ignore it, and that this then leads to an arms race with legitimate portals? I'm not sure how the API would facilitate a "skip the captivity" button. As currently phrased, it's simply there to tell you when you are captive so that you may visit the portal.
>
> If the API says you're captive, then the UE would suggest you visit the portal. If you weren't actually captive, I guess you could skip doing so, but wouldn't the UE consider the network broken and not actually try allow traffic through? Would that be a problem (i.e. would it just fall back to probes)?
>
> I imagine the workflow of a user would be along the lines of:
>
> UE says an open network is available
> User associates with network
> UE discovers captive API on network
> UE does not update routes to go through network
> UE tells the user that the network is captive, and that they should visit the portal
> Option 1: User goes to portal
>
> User accesses the portal. possibly reads the text, and clicks accept
> API indicates that the user has access, so UE updates its routes to go through that network
>
> OR Option 2: User ignores portal:
>
> User ignores the portal. UE does not update routes
> User fails to do anything with network, and either finds a new one, or actually goes to the portal
>
>
> Now, the UE *could* just let the user through in #7, or give the option to the user to use the network anyway (is this what you're suggesting leads to the arms race?), but is that likely?
>
> Note that there is one possible flaw here in #6, what if the API always returns "disallowed"? I think that the user would just not use the network. Sure, the network has had one or two hits at its portal from that user, but is that any different than a portal which does the same thing today?

(co-chair hat off)

I think a reasonable assumption on the part of the UE would be: if the
API exists && it's telling me I'm captive, then assume successful
probes are successful for some /other/ reason than the portal being
generally open.  As a result: do not switch to this network
automatically (manual action by the user or this network being the
/only/ network connection available to the device could change this,
of course).

v2.23.0 | Report a Bug | By Email