[Captive-portals] Robert Wilton's No Objection on draft-ietf-capport-api-07: (with COMMENT)
Robert Wilton via Datatracker <noreply@ietf.org> Thu, 11 June 2020 11:17 UTC
Return-Path: <noreply@ietf.org>
X-Original-To: captive-portals@ietf.org
Delivered-To: captive-portals@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id A18723A0029; Thu, 11 Jun 2020 04:17:41 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Robert Wilton via Datatracker <noreply@ietf.org>
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-capport-api@ietf.org, capport-chairs@ietf.org, captive-portals@ietf.org, Martin Thomson <mt@lowentropy.net>, mt@lowentropy.net
X-Test-IDTracker: no
X-IETF-IDTracker: 7.3.1
Auto-Submitted: auto-generated
Precedence: bulk
Reply-To: Robert Wilton <rwilton@cisco.com>
Message-ID: <159187426163.11035.11823958603457067416@ietfa.amsl.com>
Date: Thu, 11 Jun 2020 04:17:41 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/captive-portals/t2RzKKaUcnz9geJkA0nMg2BsFG8>
Subject: [Captive-portals] Robert Wilton's No Objection on draft-ietf-capport-api-07: (with COMMENT)
X-BeenThere: captive-portals@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Discussion of issues related to captive portals <captive-portals.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/captive-portals>, <mailto:captive-portals-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/captive-portals/>
List-Post: <mailto:captive-portals@ietf.org>
List-Help: <mailto:captive-portals-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/captive-portals>, <mailto:captive-portals-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 11 Jun 2020 11:17:42 -0000
Robert Wilton has entered the following ballot position for draft-ietf-capport-api-07: No Objection When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-capport-api/ ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- Hi, I found this document straight forward and easy to read. Linda's comment in the Opsdir review is interesting. I would have expected the CAPPORT architecture document to discuss/reference the problem being solved, but it seems to be mostly silent on this. I will redirect Linda's comment to the CAPPORT architecture. In section 5. "API State Structure", it does not state whether a connection could be both time and data limited. My reading of the spec is that this would be allowed, assuming that is the case, the current text is fine. 6. Example Interaction Upon receiving this information the client will use this information direct the user to the the web portal (as specified by the user- portal-url value) to enable access to the external network. Once the user satisfies the requirements for extenal network access, the client SHOULD query the API server again to verify that it is no longer captive. Nit: information direct => information to direct 7. Security Considerations I'm slightly concerned about the third paragraph in the security considerations. Ideally I would like a solution that doesn't require humans to potentially spot potentially dubious spoofed domain names. But I can appreciate that is probably out of scope here. 7.1. Privacy Considerations Possibly worth adding a comment about the necessity to keep personal information secure. In addition, should there be any comments about GDPR like constraints (if they apply)? Thanks, Rob
- [Captive-portals] Robert Wilton's No Objection on… Robert Wilton via Datatracker
- Re: [Captive-portals] Robert Wilton's No Objectio… Tommy Pauly
- Re: [Captive-portals] Robert Wilton's No Objectio… Rob Wilton (rwilton)
- Re: [Captive-portals] Robert Wilton's No Objectio… Tommy Pauly
- Re: [Captive-portals] Robert Wilton's No Objectio… Rob Wilton (rwilton)