Phillip does have a point regarding 802.1x authentication, which is typically used to authenticate the user to the service, and not vice versa. Conceivably a person could set up an "evil" access point that advertises the same beacon as the official access points, and has 802.1x enabled to accept the same shared user name and password (which is also well publicized).
One way that could make this much more secure from the user viewpoint would be for every attendee to receive an individual 802.1x user name and password, perhaps printed on the back of their name tag. Presumably an "evil" access point would not have access to these names and passwords, so users can be sure that they are attaching to an official access point. But as this would create much more work for the NOC and admin staff, I'm not advocating we do that. Cheers, Andy On Mon, Mar 24, 2008 at 10:30 PM, Patrik Fältström <[EMAIL PROTECTED]> wrote: > > On 25 mar 2008, at 02.18, Hallam-Baker, Phillip wrote: > > > I am willing to have a go at it next time round but only if I have > > some idea what I am expected to have on my machine and what > > authentication indicata I am to expect. > > > > As it stands there is no way for me to evaluate an authentic or > > inauthentic experience. I don't know what authentic looks like. I > > have no trust anchor. > > This email message sent to me was enough of a trust anchor to use > 802.1x. Specifically as "the instructions" are the same as IETF-70 and > previous meetings. > > http://www.ietf.org/mail-archive/web/71attendees/current/msg00154.html > > Sure, the mail was not signed, but I also asked a friend at the > meeting "what he used". And as we both had the same instructions, we > trusted that. If we wanted to, we could have asked someone actually > running the network, but we did not feel we had to. > > Patrik > > > _______________________________________________ > IETF mailing list > IETF@ietf.org > https://www.ietf.org/mailman/listinfo/ietf > _______________________________________________ IETF mailing list IETF@ietf.org https://www.ietf.org/mailman/listinfo/ietf
