[Dnssec-trigger] Captive portal detection for DNSSEC-Trigger?

Jan-Piet Mens jpmens.dns at gmail.com
Tue Apr 3 11:27:57 UTC 2012


I've been travelling a bit lately and have had plenty of opportunities
to test DNSSEC-Trigger, which usually works very well, thank you!  There
is though, one situation which is a bit of a pain: having to deactivate
(Hotspot Signon) it whilst connecting to, say, a hotel's captive portal.

A tweet from Tony Finch this morning prompts me to ask something which I
believe has already been discussed, but I can't find it...

Would it be possible for DNSSEC-Trigger to implement captive portal
detection, just as e.g. Safari on iOS does it? My understanding is that
iOS (Safari, etc.) attempts to retrieve a well-known URL on apple.com
and compares the results; if they're not as expected, iOS is behind a
captive portal.

DNSSEC-Trigger could probably easily do similarly, deactivating DNSSEC
during "captivity" and attempting a few minutes later to enable DNSSEC.

Is this realistic?



More information about the dnssec-trigger mailing list