ietf
[Top] [All Lists]

Re: How to get onto the IETF authenticated LAN?

2010-07-28 02:44:42
But we have...

On Jul 27, 2010, at 5:08 PM, Phillip Hallam-Baker wrote:

The endpoints used in these protocols all have the ability to perform
public key cryptography at acceptable speeds. Even if they did not,
the price of 64Mb of flash memory is negligible these days and that is
sufficient to store more than enough keys to maintain tens of
thousands of session keys in the access point.

Agree.

We have the resources and the technology to do the job right. Why do
we keep doing half measures that we know are wrong?

Because this is layer-2 stuff that should be in IEEE. 

I know this particular issue is an IEEE funeral, but isn't there a
point where others decide to take responsibility?

We did. The IETF answer would be to "just use IPSec". It's fine to use the wifi 
with broken or missing security, as long as you're securing your traffic 
end-2-end. 

You might want to look at 
http://tools.ietf.org/html/draft-laganier-ike-ipv6-cga-02 , which may allow you 
to do the IPsec with very little pre-configuring.

_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf

<Prev in Thread] Current Thread [Next in Thread>