On Fri, Jul 25, 2014 at 10:21 AM, Stefan Winter
<stefan(_dot_)winter(_at_)restena(_dot_)lu>
wrote:
The desired incremental delta between the "ietf" open SSID and the
"ietf.1x" encrypted SSID is the addition of encryption. The additional
validation of "is this really the IETF" has been a non-goal.
It's appropriate for organizations with different goals to have
different policies.
Sure. Adding the authentication is not difficult though if you already
went through the pain of a RADIUS server setup. Basically, a few lines
of HTML description of the network give you all the extra goodness.
Meaning, you'd be happy if we replace "Do not validate server cert" with
"If you'd like to validate the server cert, you can import the public key
<a href="...">here</a>, or the fingerprint is 53 63 6f 6f 62 79 20 44 6f 6f
62 79 20 44 6f 6f 21"?
Bill