I use "IETF Legacy" because 1) it is easy, and 2) if you think encrypting your
traffic over the first 50 feet is all you need to do, well, what can I say. (And
of course I understand Randy and probably everyone else on this thread does not
think that.)

I'd use something else if it was as easy and worked as well - perhaps if we
turned off Legacy, I would be forced to discover there was something I liked
better, but in general I am at IETF to get work done, not to eat dog food. In
general I think that the IETF has spent a good amount of time on "making it
harder for the bad guys" but not enough time on making security "easy for the
good guys".

On Jul 11, 2017, at 6:34 PM, Randy Bush <randy(_at_)psg(_dot_)com> wrote:

the noc sees a quite large number of associations to the unencrypted
ietf-legacy ssid as opposed to say the encrypted ietf ssid

some of us are wondering if those using ietf-legacy

  o do not realize it is completely unencrypted over the air, or
  o don't care as their threat model sees runnin' nekkid over the air as
    not a significant additional weakness, or
  o believe that they are using sufficient encryption at higher layers
    to meet their needs, or
  o other

these days, some meetings do not provide unencrypted wifi at all and
seem not to get complaints. maybe their attendees are just geekier
and/or more security conscious.

clue bat, please. unicast responses accepted too.

randy