W3C home > Mailing lists > Public > public-webappsec@w3.org > December 2015

TLS 1.3 and Captive Portals

From: Craig Francis <craig@craigfrancis.co.uk>
Date: Thu, 3 Dec 2015 16:19:34 +0000
Message-Id: <1A63DF48-E7E2-4A19-83FE-0299B8C15A45@craigfrancis.co.uk>
To: public-webappsec@w3.org, security-dev <security-dev@chromium.org>
Hi,

Not sure where the discussion is happening with TLS 1.3, but just a though...

When someone first connects to a captive portal (e.g. hotel WiFi), they typically redirect any requests to a login/terms/payment page.

If that redirect is done for a HTTPS connection, then the browser will/should complain (bad certificate).

Would it be possible for the TLS 1.3 handshake to support this situation?

So maybe the browser gets a response which does not attempt to give a certificate, but is simply a URL to redirect the user to.

Then the browser can show a nice and friendly error message, and a link for the user to load (if they want to).

Craig
Received on Thursday, 3 December 2015 16:20:11 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:16 UTC