Re: TLS 1.3 and Captive Portals

This would be better for tls@ietf.org

Sent from my iPhone.  Please excuse brevity.

> On Dec 3, 2015, at 11:21, Craig Francis <craig@craigfrancis.co.uk> wrote:
>
> Hi,
>
> Not sure where the discussion is happening with TLS 1.3, but just a though...
>
> When someone first connects to a captive portal (e.g. hotel WiFi), they typically redirect any requests to a login/terms/payment page.
>
> If that redirect is done for a HTTPS connection, then the browser will/should complain (bad certificate).
>
> Would it be possible for the TLS 1.3 handshake to support this situation?
>
> So maybe the browser gets a response which does not attempt to give a certificate, but is simply a URL to redirect the user to.
>
> Then the browser can show a nice and friendly error message, and a link for the user to load (if they want to).
>
> Craig

Received on Thursday, 3 December 2015 16:39:59 UTC