
Re: Security for the IETF wireless network

2014-07-25 07:31:02
On 7/25/14, 7:59 AM, George, Wes wrote:
Jari, while I support this idea, if I had to prioritize, I'd rather us
focus on consistently offering *any* secured WiFi option in the hotel
rooms.

Here at the Fairmont, for example: ietf-hotel is the only SSID available,
and it's not secure. Yes, one could use wired, assuming one's widget has
an Ethernet plug, but many now don't.

If you have the luxury of a wired port, deploying your own AP will
probably get you more deterministic service, and a secure air interface.
Prefix delegation is probably something we need to do.

The amount of control we have over the hotel's infrastructure varies; this
time it's a Meru controller and we were able to change the SSID and get
it to bridge IPv6, which are both tiny miracles.

I realize that this request is often limited by the host hotel's
infrastructure, which may or may not support .1x, but even if the best we
can do is to offer WPA2 with "IETF", or "encryptionFTW" as the password,
that'd be a great improvement over what we have currently.

We end up providing network service to the rest of the hotel during the
meeting, so it also needs to work as expected for the rest of the guests.

Thanks,

Wes


On 7/24/14, 4:38 PM, "IETF Chair" <chair(_at_)ietf(_dot_)org> wrote:

While many of us have been working on improved transport and other
security mechanisms, I’d like to observe that the default wireless
network we are using here in Toronto is unencrypted over the air.  I am
not sure how good practice that is. And it is probably not a good example
either.

Could we consider making 802.1X the default, for instance, starting in
the Honolulu meeting? At least in the sense of the ietf SSID providing
security and perhaps ietf-nosec providing the current behaviour?

It would also be helpful if you try it now. The two SSIDs, ietf.1x and
ietf-a.1x are available now, we recommend you use them and we would
appreciate your reporting any problems. The user ID and password are both
'ietf' (sans quotes).

Jari Arkko
IETF Chair
(with input from some NOC people)


