Captive Portal Architecture
draft-ietf-capport-architecture-10

Document Type: Active Internet-Draft (capport WG)
Authors: Kyle Larose, David Dolson, Heng Liu
Last updated: 2020-10-07 (latest revision 2020-09-23)
Replaces: draft-larose-capport-architecture
Stream: IETF
Intended RFC status: Informational
WG state: Submitted to IESG for Publication
Document shepherd: Martin Thomson
Shepherd write-up: last changed 2020-04-20
IESG state: RFC Ed Queue
Consensus Boilerplate: Yes
Telechat date:
Responsible AD: Barry Leiba
Send notices to: Martin Thomson <mt@lowentropy.net>
IANA review state: Version Changed - Review Needed
IANA action state: No IANA Actions
RFC Editor state: RFC-EDITOR
Internet Engineering Task Force                                K. Larose
Internet-Draft                                                  Agilicus
Intended status: Informational                                 D. Dolson
Expires: 27 March 2021                                                  
                                                                  H. Liu
                                                                  Google
                                                       23 September 2020

                      Captive Portal Architecture
                   draft-ietf-capport-architecture-10

Abstract

   This document describes a captive portal architecture.  Network
   provisioning protocols such as DHCP or Router Advertisements (RAs),
   an optional signaling protocol, and an HTTP API are used to provide
   the solution.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on 27 March 2021.

Copyright Notice

   Copyright (c) 2020 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents (https://trustee.ietf.org/
   license-info) in effect on the date of publication of this document.
   Please review these documents carefully, as they describe your rights
   and restrictions with respect to this document.  Code Components
   extracted from this document must include Simplified BSD License text
   as described in Section 4.e of the Trust Legal Provisions and are
   provided without warranty as described in the Simplified BSD License.

Table of Contents

   1.  Introduction
     1.1.  Requirements Language
     1.2.  Terminology
   2.  Components
     2.1.  User Equipment
     2.2.  Provisioning Service
       2.2.1.  DHCP or Router Advertisements
       2.2.2.  Provisioning Domains
     2.3.  Captive Portal API Server
     2.4.  Captive Portal Enforcement Device
     2.5.  Captive Portal Signal
     2.6.  Component Diagram
   3.  User Equipment Identity
     3.1.  Identifiers
     3.2.  Recommended Properties
       3.2.1.  Uniquely Identify User Equipment
       3.2.2.  Hard to Spoof
       3.2.3.  Visible to the API Server
       3.2.4.  Visible to the Enforcement Device
     3.3.  Evaluating Types of Identifiers
     3.4.  Example Identifier Types
       3.4.1.  Physical Interface
       3.4.2.  IP Address
       3.4.3.  Media Access Control (MAC) Address
     3.5.  Context-free URI
   4.  Solution Workflow
     4.1.  Initial Connection
     4.2.  Conditions About to Expire
     4.3.  Handling of Changes in Portal URI
   5.  Acknowledgments
   6.  IANA Considerations
   7.  Security Considerations
     7.1.  Trusting the Network
     7.2.  Authenticated APIs
     7.3.  Secure APIs