On Wed, 2006-03-22 at 15:14 -0500, Robert Love wrote: > On Wed, 2006-03-22 at 21:14 +0100, Jan Mynarik wrote: > > > > Another question is, if NM detects your Dynamic WEP-based AP, does it > > > think it is doing WPA Enterprise? It should. > > > > No, when I select this network from nm-applet's list, n-m tries to > > connect and then opens dialog asking for WEP (passphrase|40-bit|104-bit > > key). > > Hrm. That is a problem. Kind of sucks if there is no way for the AP to > advertise that it does half-WPA/half-WEP. I presumed it would advertise > the WPA-EAP stuff, but then non-WPA cards might not grok that. > > Anyhow ... you can test it by doing "Connect to Other ..." and selecting > "WPA Enterprise" with a key type of "Dynamic WEP" and filing out the > other fields selectively, as needed.
I've started to think that we may need to separate the encryption from the auth a bit more. When I did the initial architecture stuff over Christmas it wasn't clear what split between auth+enc should be. But since people seem to do really, really wacky stuff like TKIP + LEAP (why God, why) I think we need to make that split more apparent... The other driver for mashing them together somewhat was simplicity. We need to make sure the consumer use-cases (ie, plain WEP, unencrypted, and WPA-PSK with no auth) are completely _nailed_ and easy to use. Other cases, like 802.1x/TTLS/EAP/etc are more complicated and have more options. Those need to be exposed, but the balance of ease of use should be tilted a bit more in favor of the simple cases. So, I think we need to rethink the UI for wireless security here, and, as much as I hate to say it, possibly the dbus protocol and libnm-util. Piling more and more auth options into the matrix can't keep going on forever without a cleanup of how they are presented. Dan _______________________________________________ NetworkManager-list mailing list [email protected] http://mail.gnome.org/mailman/listinfo/networkmanager-list
