On Mar 11, 2011, at 11:03 AM, Martin Rex wrote:
Phillip Hallam-Baker wrote:
1) WPA/WPA2 is not an end to end protocol by any stretch of imagination.
It is link layer security.
It is a 100% end-to-end security protocol.
I'm reminded of those signs saying "Repent! The end is closer than you think!"
I think we have different ends in mind here. In the real-time community, we
usually think of WPA2 as an "end to middle" security protocol, in that it
doesn't protect the entire path from Alice to Bob unless both are running on
the same ad-hoc wireless network. It does protect the specific link, say from
Alice to her access-point, but does nothing to keep the access point itself
from mirroring the cleartext onto another port.
Ietf mailing list