Re: [Captive-portals] Magnus Westerlund's Discuss on draft-ietf-capport-api-07: (with DISCUSS)

Tommy Pauly <tpauly@apple.com> Fri, 19 June 2020 03:12 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/captive-portals/U-eYeBTD-hxHSyYpF9qAhSt47jA>

Hi Magnus,

I’ve published the proposed text in the -08 version of the draft: 

https://datatracker.ietf.org/doc/html/draft-ietf-capport-api

Please take a look, and update your evaluation if it looks good!

Best,
Tommy

> On Jun 15, 2020, at 9:15 AM, Tommy Pauly <tpauly=40apple.com@dmarc.ietf.org> wrote:
> 
> Thanks all for the input. The text in our working copy now reads:
> 
> The API server endpoint MUST be accessed over HTTP using an https URI {{!RFC2818}}, and SHOULD use the default https port.
> 
> (https://capport-wg.github.io/api/draft-ietf-capport-api.html#name-api-connection-details)
> 
> 
>> On Jun 12, 2020, at 7:43 AM, Magnus Westerlund <magnus.westerlund=40ericsson.com@dmarc.ietf.org> wrote:
>> 
>> Hi,
>> 
>> I fully understand the simplicity from one perspective to not define the
>> version of HTTP. And I think the proposed language was an improvement. Using
>> default port I think has an advantage due to the multi transport protocol
>> nature we have here. 
>> 
>> On the question about versions I think it has likely interesting
>> implications for CAPPORT implementations. I expect that servers will
>> actually be deployed and potentially not be upgraded after having been
>> installed in a network over significant times in some cases. This will force
>> the clients to actually support the full set of HTTP protocols to support to
>> ensure interoperability over many networks. I guess this is similar for
>> other deployments of HTTP beyond the web. 
> 
> As a client implementer, I think this is both entirely standard and entirely necessary. Any device that is currently interacting with a user-facing captive portal needs to support generic browser-style webpages, which means that support for older versions of HTTP for compatibility reasons is a necessity. I agree with Mark that the text here shouldn’t specify anything about the wire format version, since it has no requirements on capabilities specific to HTTP/2, HTTP/3, etc.
> 
> Best,
> Tommy
>> 
>> Cheers
>> 
>> Magnus Westerlund
>> 
>>> -----Original Message-----
>>> From: Mark Nottingham <mnot@mnot.net>
>>> Sent: den 12 juni 2020 05:56
>>> To: Magnus Westerlund <magnus.westerlund@ericsson.com>
>>> Cc: The IESG <iesg@ietf.org>; capport-chairs@ietf.org; captive-portals@ietf.org; Martin Thomson <mt@lowentropy.net>; draft-ietf-capport-api@ietf.org
>>> Subject: Re: [Captive-portals] Magnus Westerlund's Discuss on draft-ietf-capport-api-07: (with DISCUSS)
>>> 
>>> Just jumping in here, apologies if I don't have all context:
>>> 
>>>> On 11 Jun 2020, at 11:38 pm, Magnus Westerlund via Datatracker <noreply@ietf.org> wrote:
>>>> 
>>>> First of all what is the intention of which HTTP version should be
>>>> supported here? And which protocol are the port 443 you are
>>>> recommending, TCP, UDP or SCTP? This also relates to HTTP/3 as it is
>>>> getting close to being published, we can expect that in the future maybe
>>>> people would like to upgrade to HTTP/3.
>>> 
>>> It's generally bad practice for an API to specify a version of HTTP.
>>> 
>>>> Already now I am wondering if the written allow for HTTP/2 over
>>>> TLS/TCP? Note, that I am mostly commenting from the perspective if you
>>>> want to be specific that it is HTTP/1.1 over TLS/TCP that is the
>>>> goal. Then this document should make certain changes in the
>>>> formulation. If you want to be unspecific and don't think that will
>>>> hurt interoperability, then another formulation than the current is also
>>>> needed.
>>> 
>>> I think what's desired is to say that the URL accessed must have a HTTPS
>>> scheme and a default port, not that communication happen over any specific
>>> wire format.
>>> 
>>>> Likely also a discussion about how a client will figure out what
>>>> versions are supported.
>>> 
>>> Why would it be different than any other use of HTTP?
>>> 
>>> Cheers,
>>> 
>>> --
>>> Mark Nottingham   https://www.mnot.net/
>> 
>> _______________________________________________
>> Captive-portals mailing list
>> Captive-portals@ietf.org
>> https://www.ietf.org/mailman/listinfo/captive-portals
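
The requirement quoted in this thread (the API endpoint MUST use an https URI, SHOULD use the default https port, and no HTTP version is specified) can be checked on the client as follows. This is an added example, not part of the original messages or of the draft; the function names, the result type and the sample URIs are constructed for illustration.

```python
import ssl
from dataclasses import dataclass, field
from urllib.parse import urlsplit

DEFAULT_HTTPS_PORT = 443


@dataclass
class ApiUriCheck:
    """Result of checking a Captive Portal API URI (hypothetical helper type)."""
    usable: bool                                   # False when the MUST is violated
    warnings: list = field(default_factory=list)   # SHOULD-level findings


def check_capport_api_uri(uri: str) -> ApiUriCheck:
    """Apply the quoted text: MUST be an https URI, SHOULD use the default port."""
    try:
        parts = urlsplit(uri.strip())
        port = parts.port  # ValueError on a non-numeric or out-of-range port
    except ValueError:
        return ApiUriCheck(False, ["unparseable URI or port"])
    # MUST: anything other than https (plain http included) is rejected outright.
    if parts.scheme != "https":
        return ApiUriCheck(False, [f"scheme {parts.scheme!r} is not https"])
    if not parts.hostname:
        return ApiUriCheck(False, ["https URI has no host"])
    # SHOULD: no port means the default; an explicit port is only flagged.
    if port is not None and port != DEFAULT_HTTPS_PORT:
        return ApiUriCheck(True, [f"non-default port {port}"])
    return ApiUriCheck(True)


def negotiating_tls_context() -> ssl.SSLContext:
    """TLS context that verifies the server and pins no HTTP version.

    ALPN offers both HTTP/2 and HTTP/1.1, so the version is settled per
    connection like any other HTTPS use, not by the API specification.
    """
    ctx = ssl.create_default_context()   # certificate and hostname checks on
    ctx.set_alpn_protocols(["h2", "http/1.1"])
    return ctx


if __name__ == "__main__":
    # Constructed sample URIs; example.org is a reserved documentation domain.
    for sample in ("https://example.org/captive-portal/api",
                   "https://example.org:8443/api",
                   "http://example.org/api",
                   "https://:443/api"):
        print(sample, "->", check_capport_api_uri(sample))
```

A non-default port only produces a warning because the quoted text makes it a SHOULD, while a non-https scheme fails the check because it is a MUST.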