Alan, Sam, Glen,
imho, I'd not place any trust in an SSID.
Its just a 32 octet string that can be set to anything, and provides
no guarantee about the identity of a WLAN.
Kind regards
Stephen
On 20 June 2010 17:05, Alan DeKok <[email protected]> wrote:
> Glen Zorn wrote:
>>>> Note the use of "should".
>>> Which is a common practice.
>>
>> ???
>
> 3580 says Called-Station-Id SHOULD include the SSID. Most APs do
> include the SSID.
>
>>> However, SSIDs are *likely* to be unique within a roamin
>>> consortium. This is because the parties talk to each other, and can
>>> complain when the SSIDs are unknown, or re-used.
>>
>> What parties? The BSSs? Why?
>
> The parties in a roaming consortium talk to each other.
>
>>> There are mitigating circumstances. AAA relationships leverage trust.
>>> Continued trust depends on the parties continuing to meet expectations.
>>> Lying about SSIDs violates trust.
>>
>> But fraud doesn't?
>
> Yes, fraud violates trust. My original post included an example of
> fraud, stated why this was bad, and how channel bindings could help.
>
> Alan DeKok.
> _______________________________________________
> Emu mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/emu
>
_______________________________________________
Emu mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/emu
