On 30 June 2015 at 11:20, Warren Kumari <war...@kumari.net> wrote: > I wanted the charter text to be longer than just:
A longer charter should not be a goal. You only have to cover the basic points: Some networks require some form of interaction from users prior to authorizing network access. Prior to granting that authorization, network access might be limited in some fashion. Frequently, this authorization process requires human interaction, frequently to either arrange for payment or accept some legal terms. Currently, network providers attempt to reach a human user by intercepting cleartext HTTP to force a redirect to a web page of their choice. This design creates a number of problems, primarily: it can only work if an endpoint initiates a cleartext HTTP connection, and the interception looks like a MitM attack. The human eyes needed to access Internet (hmm, maybe your name is better) working group will define mechanisms that: - allow endpoints to discover that they are in such a limited environment - allow endpoints to learn about the parameters of their confinement - advertise a location whereby human users can directly engage with their captor in order to obtain unrestricted access - (optionally) advertise a service whereby devices can enable or disable unrestricted access without human interaction On this last point: > Yup. This will also be needed for devices that have no UI. The problem with this last one is that it is unclear how endpoints and network come to agree upon the terms under which a request of this form is authorized. I've not seen a clear model for that, and I wouldn't want to have one before addressing the more pressing issues. _______________________________________________ Captive-portals mailing list Captive-portals@ietf.org https://www.ietf.org/mailman/listinfo/captive-portals
