Re: [Captive-portals] Arguments against (any) Capport "API"

[Kyle Larose <klarose@sandvine.com>]

I was sitting in a coffee shop on Saturday in Chicago, and decided to log in to their wifi. It was a captive portal that basically said something like “Hey, we’re giving you this service for free, because we’re [the coffee shop] awesome!”. To log in I just needed to click a button to continue.

The point here, I think, is that the coffee shop is providing this as a service to you, and wants you to know that. I’m not sure how much that is worth to them, but it’s an example of something that isn’t just ToS, and wasn’t terribly intrusive.

From: Captive-portals [mailto:captive-portals-bounces@ietf.org] On Behalf Of David Bird
Sent: Tuesday, April 04, 2017 3:52 PM
To: Mikael Abrahamsson
Cc: captive-portals@ietf.org
Subject: Re: [Captive-portals] Arguments against (any) Capport "API"

My opinion is that guessing why venues put up a portal isn't always that useful. The point is, they have a reason. In some countries, there are legal requirements to display ToS. While we could try to implement ways around ToS type portals, are we helping the venue be more compliant? In all jurisdictions? (Some laws *require* the ToS is displayed *every time*).

For some locations, they may simply WANT to annoy you! (While also collecting per session fees from Boingo or iPass for the privileged of skipping that annoying portal.) More than likely, however, sites like the one you mentioned are just themselves concerned about liability and want that minimal amount of disclaimer...

As a user, you should either be willing to view the portal, pay for ease of use, or find another network...

David


On Tue, Apr 4, 2017 at 12:43 PM, Mikael Abrahamsson <swmike@swm.pp.se<mailto:swmike@swm.pp.se>> wrote:
On Tue, 4 Apr 2017, David Bird wrote:
The one area I do see value in solving is how to get headless IoT devices on-line on capport networks.. But, in some ways, all we need their is a WISPr client in the device and an out-of-band way of configuring credentials into it. That can be solved with existing protocols and technologies.

I only have experience with captive portals as a user. When I travel the world, I have frequently seen captive portal pages that as far as I can see, offer nothing apart from a login page. It might have the hotel name in there, but that's it. So then I have to manually do something like find the piece of paper where my username/password is, and enter that. It seems to be only about authenticating me as actually being a resident of the hotel or whatever venue it is. Sometimes it seems to be there because there are legal requirements for tracking (they will write down a log of my room number and username on the paper in a ledger).

It's extremely cumbersome and as far as I can tell, it adds nothing for the WISP (at least nothing I can tell) by means of marketing or alike, it's only for assuring that people in the street can't just use the wifi.

Do you know the motivation for doing this in the context of your email? Is there added cost for them to automate the behavior, as in IPR or other licensing cost for them to use the automation tech that perhaps is already available in my mobile device?

--
Mikael Abrahamsson    email: swmike@swm.pp.se<mailto:swmike@swm.pp.se>