[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Captive-portals] The architecture requiring that the API be secure

To: "[email protected]" <[email protected]>
Subject: [Captive-portals] The architecture requiring that the API be secure
From: Kyle Larose <[email protected]>
Date: Wed, 28 Feb 2018 13:30:39 +0000
Accept-language: en-US
Archived-at: <https://mailarchive.ietf.org/arch/msg/captive-portals/ieIdItcCZlFQniAuyKP1yOGoq4Y>
Delivered-to: [email protected]
List-archive: <https://mailarchive.ietf.org/arch/browse/captive-portals/>
List-help: <mailto:[email protected]?subject=help>
List-id: Discussion of issues related to captive portals <captive-portals.ietf.org>
List-post: <mailto:[email protected]>
List-subscribe: <https://www.ietf.org/mailman/listinfo/captive-portals>, <mailto:[email protected]?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/options/captive-portals>, <mailto:[email protected]?subject=unsubscribe>
Thread-index: AdOwmEGIOc5tUImgQ+iecfSJRc2rmQ==
Thread-topic: The architecture requiring that the API be secure

Hey everyone,

Issue #6 in the architecture draft (https://github.com/capport-wg/architecture/issues/6)
was raised to point out that we should really mandate that the API be secure.

Basically, we want to make TLS a requirement, not a suggestion, so I've changed the
wording around TLS to reflect this. I also added a section to the security section
discussing the motivation behind the requirement.

I haven't submitted a new draft with these changes yet; they're still on github in a pull
request.

Let me know if you have any comments or concerns.

Thanks,

Kyle

Disclaimer:
This communication (including any attachments) is intended for the use of the intended recipient(s) only and may contain information that is considered confidential, proprietary, sensitive and/or otherwise legally protected. Any unauthorized use or dissemination of this communication is strictly prohibited. If you have received this communication in error, please immediately notify the sender by return e-mail message and delete all copies of the original communication. Thank you for your cooperation.

Follow-Ups:
- Re: [Captive-portals] The architecture requiring that the API be secure
  - From: Michael Richardson <[email protected]>

Prev by Date: Re: [Captive-portals] capport - Requested session has been scheduled for IETF 101
Next by Date: Re: [Captive-portals] The architecture requiring that the API be secure
Previous by thread: Re: [Captive-portals] capport - Requested session has been scheduled for IETF 101
Next by thread: Re: [Captive-portals] The architecture requiring that the API be secure
Index(es):
- Date
- Thread