I'm interested in the Sandboxing point in section 4. I understand these to be designed as a pro-user security feature. In general I don't trust random network devices in hotels so I'll use a VPN. That leaves me open to malware attacks from the captive portal [1]. Deciding to put captive portals into a more-restrictive-than-usual sandbox then seems reasonable to me.
Can you explain the problems caused by sandboxing (I don't think I've ever experienced them)? David [1] http://www.wired.com/2014/11/darkhotel-malware/ On Mon, Feb 15, 2016 at 11:24 PM, Mark Nottingham <[email protected]> wrote: > > > On 16 Feb 2016, at 4:46 AM, Warren Kumari <[email protected]> wrote: > > > > Mark Nottingham is already working on a "problem statement" type draft > with outlines some of this, but we'd like more viewpoints/ discussions. > > Please! > > > His initial submission is here: "Before You Log In, Here's A Brief > Message From Our Sponsors!" - draft-nottingham-capport-problem ( > https://datatracker.ietf.org/doc/draft-nottingham-capport-problem/) > > ... and that's really just a regurgitation of what we previously put > together at <https://github.com/httpwg/wiki/wiki/Captive-Portals>. If > people have suggestions, corrections, pull requests, etc. I'm all ears. > > Cheers, > > > > -- > Mark Nottingham https://www.mnot.net/ > > _______________________________________________ > Captive-portals mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/captive-portals >
_______________________________________________ Captive-portals mailing list [email protected] https://www.ietf.org/mailman/listinfo/captive-portals
