> On 21 Oct 2015, at 06:29, joel jaeggli <[email protected]> wrote: > > If the question is, "Is a proposal to facilitate the interception of ssl > connection attempts (enabling a man in the middle attack) by > intermediate parties appropriate work for captive portals to undertake?" > My personal opinion is no.
I would certainly agree. In my view the capport WG should be building a model to prevent that happening, through prior discovery of the portal. As an aside, I wonder whether the recently defined MPD architecture can be used as at least one architecture to consider for capport - see https://tools.ietf.org/html/rfc7556. The opening work items of the updated mif charter seem to fit - https://datatracker.ietf.org/wg/mif/charter/, and it’s certainly not uncommon for a device to be presented with multiple captive portals in many locations. Or at the very least a 3G/4G interface and a WiFi interface that may see one captive portal (as per 4.1 of RFC 7556). Tim _______________________________________________ Captive-portals mailing list [email protected] https://www.ietf.org/mailman/listinfo/captive-portals
