[Captive-portals] Review of draft-ietf-capport-api-02
Kyle Larose <kyle@agilicus.com> Sun, 24 March 2019 13:51 UTC
Return-Path: <kyle@agilicus.com>
X-Original-To: captive-portals@ietfa.amsl.com
Delivered-To: captive-portals@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 57609131071 for <captive-portals@ietfa.amsl.com>; Sun, 24 Mar 2019 06:51:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level:
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=agilicus.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id suWgMPzANJXF for <captive-portals@ietfa.amsl.com>; Sun, 24 Mar 2019 06:51:09 -0700 (PDT)
Received: from mail-io1-xd43.google.com (mail-io1-xd43.google.com [IPv6:2607:f8b0:4864:20::d43]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 98E49130EBD for <captive-portals@ietf.org>; Sun, 24 Mar 2019 06:51:09 -0700 (PDT)
Received: by mail-io1-xd43.google.com with SMTP id x3so5466862iol.10 for <captive-portals@ietf.org>; Sun, 24 Mar 2019 06:51:09 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=agilicus.com; s=google; h=mime-version:from:date:message-id:subject:to:cc; bh=2ToFkyeSF8ZG33NgCtuE/0nqZX6RA7nChGDbOCGxAHg=; b=V94wL7LvC8N8g1OgDVtBjPcxdSM9/rtOHKXRJmoFcrN0eGj5bZ7+4hVlgyWAQOD4qq Pmo3n0C931cRB8Ay3rt4fGnpIzlYVyd2FoMOX5wfs129rakD0IF9knNbo8YBbmqL0Dpa ylOjgPkXLfi+Pd1PKmsVwZWRGiN9dhTMK0krnzfUp0b8yj+Yq87RuzFppGf1o3HaOEuW 4GEUZ3BE+6BCT0OXuMs0pWtt7r11wTctzlNcGXz3gkVEtBrztAq+/FoL8VAoAs7Ry+F1 vlbveXjcT0riMe4LHhFKm6rjq6vlhNqvfdrLt8vr8g2ZGjx6saPHifc4lEBAbz7ZpdqD pILw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to:cc; bh=2ToFkyeSF8ZG33NgCtuE/0nqZX6RA7nChGDbOCGxAHg=; b=YgGAdTPf8qxuw2dH2gLU5kvhFniuDl676UyCaEhtaL62LpJ9HFbJDO8XJAtKAkJxMb GPMYP9AFnbRXFmPUkYYi0k752cNo3wEwgHzpXULiO9M98OxR2I75ht1oXYBX/o4vSMQS QmBFVaoJ3MYvta3e+7VusimJGFYgNDLcueEqhAYTJTIMP/zu6+2Gf7UttnoUrfhMolVI kUlemADXYE8sBErks4E23VM/pyrTP+MrUfWw2JqD3MEptMc7e+CeTdUFzBRGlh7frucF uIFNUkBmqvI282J+XkgzCNfMaiUlPfCpD/eKvKSEe+3PihreRcpDyXevI134Af8xk76u MX4g==
X-Gm-Message-State: APjAAAUMyBHboFqNqw3IRLpwPDfVAt36t4dAfcmgeJP2GvaNzhVaHO4p bPdwrQA5vvyrHPXTiGj5BFkWeRFR91BeJbMPn5Rv
X-Google-Smtp-Source: APXvYqzJTnkhEQzAhjLIO6pxOfGRKCOJhdxwLNgUMW2qIn4mOQ7R9+PxwASAzTs/M+FMwn0KsSQnHRCAmHrLqJt0caA=
X-Received: by 2002:a6b:7108:: with SMTP id q8mr10549864iog.85.1553435468806; Sun, 24 Mar 2019 06:51:08 -0700 (PDT)
MIME-Version: 1.0
From: Kyle Larose <kyle@agilicus.com>
Date: Sun, 24 Mar 2019 09:50:58 -0400
Message-ID: <CACuvLgzBHC5eKsNTGyvo_SiTra0F6Be1U6s__-zLH+Zt6_98EA@mail.gmail.com>
To: Tommy Pauly <tpauly@apple.com>, Darshak Thakore <d.thakore@cablelabs.com>
Cc: captive-portals@ietf.org
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/captive-portals/LwtxvxGFN0GAv0iB-6ZnOy562ls>
Subject: [Captive-portals] Review of draft-ietf-capport-api-02
X-BeenThere: captive-portals@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussion of issues related to captive portals <captive-portals.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/captive-portals>, <mailto:captive-portals-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/captive-portals/>
List-Post: <mailto:captive-portals@ietf.org>
List-Help: <mailto:captive-portals-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/captive-portals>, <mailto:captive-portals-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 24 Mar 2019 13:51:17 -0000
Tommy and Darshak,
Thanks for the update. Changing host to client makes sense. I hadn't
considered the NTP case either; it's pretty important!
I've done a re-read of the document. It is still nice and simple. Good job!
I have some comments.
In section 3, the document outlines the steps of interaction between a
client and the captive portal service. It says:
> 3. Enforcement, in which the enforcement device in the network
> blocks disallowed traffic, and sends ICMP messages to let clients
> know they are blocked by the captive portal
The architecture now refers to the ICMP message as a the "Captive
Portal Signal" (since we haven't decided on a concrete
implementation). We should be consistent here.
It may also be worth noting that the signal is optional, though it may
be easier to read if we don't bring that up in the API document.
In Section 4.2, the data structure defines the following json field:
> o "vendor-info-url" (optional, string): provides the URL of a
> webpage or site on which the operator of the network has
> information that it wishes to share with the user (e.g. store
> info, maps, flight status, or entertainment).
We don't provide any concrete examples or guidance on how to use this.
Is it something to user-portal-url would refer to? Should it be shown
alongside the user-portal-url? Would some text along the lines of:
"The client MAY notify the user of this url/provide a link/etc..."
work? Or is that getting too into the UX details?
It also defines:
> o "bytes-remaining" (optional, integer): indicates the number of
> bytes remaining, after which the client will be in placed into a
> captive state.
Should we be clear about whether this applies to bytes sent by the
client, bytes received by the client, or both (i.e. the sum). We could
also get into the details of at which layer the enforcement device is
doing the counting, but that may be too much detail.
A general note regard the data structure: I'm not sure if we've
brought this up in the past. Do we want to version the data structure?
Or would future extensions simply add keys whose presence implies the
new version?
In section 4.3, the example HTTP request starts with:
> GET /captive-portal/api/X54PD
Nit: don't we need an HTTP version at the end there?
That's all for now.
Have fun in Prague,
Kyle
- [Captive-portals] Review of draft-ietf-capport-ap… Kyle Larose
- Re: [Captive-portals] Review of draft-ietf-cappor… Darshak Thakore