[Captive-portals] The architecture requiring that the API be secure
Kyle Larose <klarose@sandvine.com> Wed, 28 February 2018 13:30 UTC
Return-Path: <klarose@sandvine.com>
X-Original-To: captive-portals@ietfa.amsl.com
Delivered-To: captive-portals@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 54B41129C56 for <captive-portals@ietfa.amsl.com>; Wed, 28 Feb 2018 05:30:44 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.931
X-Spam-Level:
X-Spam-Status: No, score=-1.931 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xAX35UWGtFPG for <captive-portals@ietfa.amsl.com>; Wed, 28 Feb 2018 05:30:43 -0800 (PST)
Received: from mail1.sandvine.com (Mail1.sandvine.com [64.7.137.134]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A28E6129C51 for <captive-portals@ietf.org>; Wed, 28 Feb 2018 05:30:41 -0800 (PST)
Received: from WTL-EXCHSV2-2.sandvine.com (192.168.194.59) by WTL-EXCHSV2-1.sandvine.com (192.168.194.58) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P521) id 15.1.1034.26; Wed, 28 Feb 2018 08:30:39 -0500
Received: from WTL-EXCHSV2-2.sandvine.com ([fe80::70e5:d09e:7bb9:986a]) by WTL-EXCHSV2-2.sandvine.com ([fe80::70e5:d09e:7bb9:986a%20]) with mapi id 15.01.1034.026; Wed, 28 Feb 2018 08:30:39 -0500
From: Kyle Larose <klarose@sandvine.com>
To: "captive-portals@ietf.org" <captive-portals@ietf.org>
Thread-Topic: The architecture requiring that the API be secure
Thread-Index: AdOwmEGIOc5tUImgQ+iecfSJRc2rmQ==
Date: Wed, 28 Feb 2018 13:30:39 +0000
Message-ID: <9ba69a5cfa1342769eb703727b2402fb@sandvine.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [192.168.200.51]
x-c2processedorg: b2f06e69-072f-40ee-90c5-80a34e700794
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/captive-portals/ieIdItcCZlFQniAuyKP1yOGoq4Y>
Subject: [Captive-portals] The architecture requiring that the API be secure
X-BeenThere: captive-portals@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Discussion of issues related to captive portals <captive-portals.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/captive-portals>, <mailto:captive-portals-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/captive-portals/>
List-Post: <mailto:captive-portals@ietf.org>
List-Help: <mailto:captive-portals-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/captive-portals>, <mailto:captive-portals-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 28 Feb 2018 13:30:44 -0000
Hey everyone, Issue #6 in the architecture draft (https://github.com/capport-wg/architecture/issues/6) was raised to point out that we should really mandate that the API be secure. Basically, we want to make TLS a requirement, not a suggestion, so I've changed the wording around TLS to reflect this. I also added a section to the security section discussing the motivation behind the requirement. I haven't submitted a new draft with these changes yet; they're still on github in a pull request. Let me know if you have any comments or concerns. Thanks, Kyle Disclaimer: This communication (including any attachments) is intended for the use of the intended recipient(s) only and may contain information that is considered confidential, proprietary, sensitive and/or otherwise legally protected. Any unauthorized use or dissemination of this communication is strictly prohibited. If you have received this communication in error, please immediately notify the sender by return e-mail message and delete all copies of the original communication. Thank you for your cooperation.
- [Captive-portals] The architecture requiring that… Kyle Larose
- Re: [Captive-portals] The architecture requiring … Michael Richardson