IETF Logo Mail Archive

Re: [Captive-portals] Magnus Westerlund's Discuss on draft-ietf-capport-api-07: (with DISCUSS)

Tommy Pauly <tpauly@apple.com> Mon, 15 June 2020 16:15 UTC

Return-Path: <tpauly@apple.com>
X-Original-To: captive-portals@ietfa.amsl.com
Delivered-To: captive-portals@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1BE603A0DF9; Mon, 15 Jun 2020 09:15:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=apple.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id V5G4gnqdbvUR; Mon, 15 Jun 2020 09:15:26 -0700 (PDT)
Received: from ma1-aaemail-dr-lapp02.apple.com (ma1-aaemail-dr-lapp02.apple.com [17.171.2.68]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2A4803A0D35; Mon, 15 Jun 2020 09:15:26 -0700 (PDT)
Received: from pps.filterd (ma1-aaemail-dr-lapp02.apple.com [127.0.0.1]) by ma1-aaemail-dr-lapp02.apple.com (8.16.0.42/8.16.0.42) with SMTP id 05FGE3HX043859; Mon, 15 Jun 2020 09:15:24 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=apple.com; h=from : message-id : content-type : mime-version : subject : date : in-reply-to : cc : to : references; s=20180706; bh=gPrrz5M4xWWsMBy12ACMSGMLrxPgKU5IQmd39aMsuME=; b=SxJ+QNe2fMsCs+sPJ+Zapxr7MBanE9yCk9iMfdx5J55+h9A+6q8jgvisLAbk4Faxv7Ck ejSPoBHPypPC2wGra8In5lzdkAkPmxqZgWNoqlJb7/+n2IxZ9f9dZWaBevSz+JW3a2HG 6t1riZNhKnyKnCJiylt0nSvpk4zaBGeI0QywG4tS9zpAkfl33Y7eMT5x+J8dp58IouTv pj1jHuEL2G8cNbP40Yzttp6Rm02EuNKRR3R7Nd/a4U1MDYz3x0ksNqBWWk57wlmU6eSx n7LUE8zJg+6x1xsgl1krt1mNkbz/G4O/pkU7nF/Dx+V2m2off8pAtEwIfWwcn/AoZuG9 lQ==
Received: from rn-mailsvcp-mta-lapp02.rno.apple.com (rn-mailsvcp-mta-lapp02.rno.apple.com [10.225.203.150]) by ma1-aaemail-dr-lapp02.apple.com with ESMTP id 31pbpj0n3g-16 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO); Mon, 15 Jun 2020 09:15:24 -0700
Received: from rn-mailsvcp-mmp-lapp02.rno.apple.com (rn-mailsvcp-mmp-lapp02.rno.apple.com [17.179.253.15]) by rn-mailsvcp-mta-lapp02.rno.apple.com (Oracle Communications Messaging Server 8.1.0.5.20200312 64bit (built Mar 12 2020)) with ESMTPS id <0QBZ00IIN6HM0580@rn-mailsvcp-mta-lapp02.rno.apple.com>; Mon, 15 Jun 2020 09:15:22 -0700 (PDT)
Received: from process_milters-daemon.rn-mailsvcp-mmp-lapp02.rno.apple.com by rn-mailsvcp-mmp-lapp02.rno.apple.com (Oracle Communications Messaging Server 8.1.0.5.20200312 64bit (built Mar 12 2020)) id <0QBZ004006AKN200@rn-mailsvcp-mmp-lapp02.rno.apple.com>; Mon, 15 Jun 2020 09:15:22 -0700 (PDT)
X-Va-A:
X-Va-T-CD: fa628b2f79844893b71f4d5f3cd39427
X-Va-E-CD: 515444e51893e44c0f92e0ebb7f02b23
X-Va-R-CD: 10a55cf1f06a299a6216c7769c690a40
X-Va-CD: 0
X-Va-ID: a828449e-e601-4502-9c54-e6e96aa1b04a
X-V-A:
X-V-T-CD: fa628b2f79844893b71f4d5f3cd39427
X-V-E-CD: 515444e51893e44c0f92e0ebb7f02b23
X-V-R-CD: 10a55cf1f06a299a6216c7769c690a40
X-V-CD: 0
X-V-ID: 234ae4e5-e0cb-4c4b-b303-28b5e46be7e2
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.216, 18.0.687 definitions=2020-06-15_06:2020-06-15, 2020-06-15 signatures=0
Received: from [17.234.123.57] (unknown [17.234.123.57]) by rn-mailsvcp-mmp-lapp02.rno.apple.com (Oracle Communications Messaging Server 8.1.0.5.20200312 64bit (built Mar 12 2020)) with ESMTPSA id <0QBZ0093Y6H98H00@rn-mailsvcp-mmp-lapp02.rno.apple.com>; Mon, 15 Jun 2020 09:15:11 -0700 (PDT)
From: Tommy Pauly <tpauly@apple.com>
Message-id: <F87EBD19-F7B3-4F23-A4C9-59806980E2EF@apple.com>
Content-type: multipart/alternative; boundary="Apple-Mail=_CFDC2A78-1DF3-48E1-AA8E-E41905E45A40"
MIME-version: 1.0 (Mac OS X Mail 13.4 \(3608.80.7.2.3\))
Date: Mon, 15 Jun 2020 09:15:09 -0700
In-reply-to: <HE1PR0702MB3772375433F774801E010F8295810@HE1PR0702MB3772.eurprd07.prod.outlook.com>
Cc: "mnot@mnot.net" <mnot@mnot.net>, "draft-ietf-capport-api@ietf.org" <draft-ietf-capport-api@ietf.org>, "capport-chairs@ietf.org" <capport-chairs@ietf.org>, "captive-portals@ietf.org" <captive-portals@ietf.org>, "iesg@ietf.org" <iesg@ietf.org>, "mt@lowentropy.net" <mt@lowentropy.net>
To: Magnus Westerlund <magnus.westerlund=40ericsson.com@dmarc.ietf.org>
References: <159188271968.29701.18116271282173494819@ietfa.amsl.com> <4A75BE73-76B3-47D5-8E1C-0F188CC3916E@mnot.net> <HE1PR0702MB3772375433F774801E010F8295810@HE1PR0702MB3772.eurprd07.prod.outlook.com>
X-Mailer: Apple Mail (2.3608.80.7.2.3)
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.216, 18.0.687 definitions=2020-06-15_06:2020-06-15, 2020-06-15 signatures=0
Archived-At: <https://mailarchive.ietf.org/arch/msg/captive-portals/thIj9ymleJ-SNzO1oyRI5eN9oQw>
Subject: Re: [Captive-portals] Magnus Westerlund's Discuss on draft-ietf-capport-api-07: (with DISCUSS)
X-BeenThere: captive-portals@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussion of issues related to captive portals <captive-portals.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/captive-portals>, <mailto:captive-portals-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/captive-portals/>
List-Post: <mailto:captive-portals@ietf.org>
List-Help: <mailto:captive-portals-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/captive-portals>, <mailto:captive-portals-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 15 Jun 2020 16:15:28 -0000

Thanks all for the input. The text in our working copy now reads:

The API server endpoint MUST be accessed over HTTP using an https URI {{!RFC2818}}, and SHOULD use the default https port.

(https://capport-wg.github.io/api/draft-ietf-capport-api.html#name-api-connection-details <https://capport-wg.github.io/api/draft-ietf-capport-api.html#name-api-connection-details>)


> On Jun 12, 2020, at 7:43 AM, Magnus Westerlund <magnus.westerlund=40ericsson.com@dmarc.ietf.org> wrote:
> 
> Hi,
> 
> I fully understand the simplicity from one perspective to not define the
> version of HTTP. And I think the proposed language was an improvement. Using
> default port I think has an advantage due to the multi transport protocol
> nature we have here. 
> 
> On the question about versions I think it has likely interesting
> implications for CAPPORT implementations. I expect that servers will
> actually be deployed and potentially not be upgraded after having been
> installed in a network over significant times in some cases. This will force
> the clients to actually support the full set of HTTP protocols to support to
> ensure interoperability over many networks. I guess this is similar for
> other deployments of HTTP beyond the web. 

As a client implementer, I think this is both entirely standard and entirely necessary. Any device that is currently interacting with a user-facing captive portal needs to support generic browser-style webpages, which means that support for older versions HTTP for compatibility reasons is a necessity. I agree with Mark that the text here shouldn’t specify anything about the wire format version, since it has no requirements on capabilities specific to HTTP/2, HTTP/3, etc.

Best,
Tommy
> 
> Cheers
> 
> Magnus Westerlund
> 
>> -----Original Message-----
>> From: Mark Nottingham <mnot@mnot.net <mailto:mnot@mnot.net>>
>> Sent: den 12 juni 2020 05:56
>> To: Magnus Westerlund <magnus.westerlund@ericsson.com <mailto:magnus.westerlund@ericsson.com>>
>> Cc: The IESG <iesg@ietf.org <mailto:iesg@ietf.org>>; capport-chairs@ietf.org <mailto:capport-chairs@ietf.org>; captive-
>> portals@ietf.org <mailto:portals@ietf.org>; Martin Thomson <mt@lowentropy.net <mailto:mt@lowentropy.net>>; draft-ietf-
>> capport-api@ietf.org <mailto:capport-api@ietf.org>
>> Subject: Re: [Captive-portals] Magnus Westerlund's Discuss on draft-ietf-
>> capport-api-07: (with DISCUSS)
>> 
>> Just jumping in here, apologies if I don't have all context:
>> 
>>> On 11 Jun 2020, at 11:38 pm, Magnus Westerlund via Datatracker
>> <noreply@ietf.org> wrote:
>>> 
>>> First of all what is the intention of which HTTP version should be
>>> supported here? And which protocol are the port 443 you are
>>> recommending, TCP, UDP or SCTP? This also relates to HTTP/3 as it is
>>> getting close to being published, we can expect that in the future maybe
>> people would like to upgrade to HTTP/3.
>> 
>> It's generally bad practice for an API to specify a version of HTTP.
>> 
>>> Already now I am wondering if the written allow for HTTP/2 over
>>> TLS/TCP? Note, that I am mostly commenting from the perspective if you
>>> want to be specific that it is HTTP/1.1. over TLS/TCP that is the
>>> goal. Then this document should make certain changes in the
>>> formulation. If you want to be unspecific and don't think that will
>>> hurt interoperability, then another formulation that the current is also
>> needed.
>> 
>> I think what's desired is to say that the URL accessed must have a HTTPS
>> scheme and a default port, not that communication happen over any specific
>> wire format.
>> 
>>> Likely also a discussion about how a client will figure out what
>>> versions are supported.
>> 
>> Why would it be different than any other use of HTTP?
>> 
>> Cheers,
>> 
>> --
>> Mark Nottingham   https://protect2.fireeye.com/v1/url?k=3a8ff1cb- <https://protect2.fireeye.com/v1/url?k=3a8ff1cb->
>> 642f338e-3a8fb150-86b568293eb5-26a118f7c2d94334&q=1&e=d25e7a4c-
>> f7e3-4e34-a054-2498def27e05&u=https%3A%2F%2Fwww.mnot.net <http://2fwww.mnot.net/>%2F
> 
> _______________________________________________
> Captive-portals mailing list
> Captive-portals@ietf.org <mailto:Captive-portals@ietf.org>
> https://www.ietf.org/mailman/listinfo/captive-portals <https://www.ietf.org/mailman/listinfo/captive-portals>

v2.23.0 | Report a Bug | By Email