On Thu, 20 Nov 2003, Alexandru Petrescu wrote:
-for the general public, set the AP's with both an essid and a key, in Infrastructure mode (managed).
-for the aodv public, convene to use a different essid and a different key and ad-hoc mode. If the aodv people need several ad-hoc mode subnets, just set yet another essid+key; of course all
essid's and key's must be different each compared to the other.
[...]
Exactly what problem is being solved by the introduction of a key?
Maybe, helping to find conceptual "wires" to attach to in a deterministic manner, not necessarily private. One can not accidentally attach to such a wire without explicitely setting a key.
My perception is that it brings more problems than it fixes (as you stated),
I stated that if crew decides 128bit then all people having 128bit cards can work ok (and not those with 48bit-exclusively cards).
It does not stop an attacker to set his own linux AP with same key and essid ietf, fooling passers by; but at that point that person, if found, _can_ be blamed.
and gives a wrong sense of security to boot.
I didn't claim security.
So, if the use of keys gives a false sense of security and moreover brings overload at the helpdesk, sorry for the proposal, something else must be used.
Alex