2013/2/5, Ted Lemon <ted.le...@nominum.com>: > On Feb 5, 2013, at 5:47 AM, GangChen <phdg...@gmail.com> wrote: >> Ideally, HE-MIF could choose the right interface >> matching the provisioning domain. However, if the interface in >> provisioning domain A using default gw could reach the peer, it will >> have a problem. I believe the problem is similar with >> http://tools.ietf.org/html/rfc6731#section-2.3. The only solution is >> manual user intervention as far as I can say. > > No, this is not true. Furthermore, this failure mode happens to me on a > regular basis when my handset connects to a Wifi SSID it recognizes; > everything IP-dependent stops until I either disable WiFi or authenticate to > the captive portal. This is a trivially easy attack to do on handsets with > WiFi (which is most handsets nowadays). > > Similarly, some web gateways, particularly in airports and hotels, only > offer service on ports 80 and 443. I'd like to be able to use this > transport where it works, because it's cheaper than my 4G LTE service (at > least hypothetically). But a solution that follows the weak host model > will not succeed in this situation—it will either always use LTE, or always > use the WiFi. > > If HE-MIF does not address this use case, it seems to me that we simply > aren't addressing the bulk of the use cases that motivated the formation of > this working group. If that's the case, why do the work?
I guess the information on this link may relieve your concerns. http://www.ietf.org/mail-archive/web/mif/current/msg01138.html I have tested hotspots in our network. The captive portal systems do not reply with their own IP address, but reply with the IP address of the queried FQDN, and then do IP masquerading as the destination IP address. It's using HTTP redirection to the captive portal. In this way, HE-MIF would work well. Since TCP handshake would be broken if there is a captive portal, HE-MIF node would fallback to other interfaces automatically. Best Regards Gang _______________________________________________ mif mailing list mif@ietf.org https://www.ietf.org/mailman/listinfo/mif
