Re: meeting ietf-legacy ssid

I think that, as an experiment to see what the impact is, we should not have 
ietf-legacy at IETF99.

The IETF is telling the word it’s important to use encryption, we should be 
eating our own dog food.

Bob

> On Jul 11, 2017, at 7:20 PM, Brian E Carpenter 
> <brian(_dot_)e(_dot_)carpenter(_at_)gmail(_dot_)com> wrote:
>
> On 12/07/2017 12:34, Randy Bush wrote:
> > the noc sees a quite large number of associations to the unencrypted
> > ietf-legacy ssid as opposed to say the encrypted ietf ssid
> >
> > some of us are wondering if those using ietf-legacy
> >
> >  o do not realize it is completely unencrypted over the air, or
> >
> >  o don't care as their threat model sees runnin' nekkid over the air as
> >    not a significant additional weakness, or
> If you don't feel that way, there are millions of networks you can never
> use, including most hotels, cafes etc.
>
> >  o believe that they are using sufficient encryption at higher layers
> >    to meet their needs, or
> If you believe that, you're probably wrong ;-)
>
> >  o other
> 1) For whatever reason my Android 4.3 phone has always seemed allergic
> to the ietf network (although after much torture, it agreed to connect
> to eduroam). So it only knows about ietf-legacy and ietf-hotel.
>
> 2) On my laptop things are better, but I do have ietf-legacy lower in
> the list as a fallback.
>
> > these days, some meetings do not provide unencrypted wifi at all and
> > seem not to get complaints.  maybe their attendees are just geekier
> > and/or more security conscious.
> ...or they just don't care as long as it works. There's a lot of
> that about.
>
> Jordi is correct about the ordering of SSIDs in the list kept by the
> o/s. If you don't manually push ietf-legacy down the list, it may well
> be picked automatically.
>
>    Brian

signature.asc
Description: Message signed with OpenPGP