Hi,
Agreed. However, SSIDs are *likely* to be unique within a roamin
consortium. This is because the parties talk to each other, and can
complain when the SSIDs are unknown, or re-used.
Umm. We use the SSID eduroam wherever possible for brand recognition,
but even we have to deviate from that at times. The big reason being:
two hotspots have overlapping coverage, and client devices get confused
when the same SSID has different IP subnets. Proprietary extensions
(Cisco controllers and LWAPP most notably) can be a way around this, but
generally, "eduroam-$FOO" can show up at places, with arbitrary values
for $FOO. Other reqasons also exist; but I won't bother you with them here.
I don't think we are unique with these sorts of considerations; and I
don't think it's safe to assume that everybody knows all SSIDs
throughout a consortium.
Greetings,
Stefan Winter
Assuming that the SSID is actually in the Called-Station-ID Attribute (see
above) and that the NAS didn't just lie in the RADIUS message, too (given
that there is no way to detect such a lie in a>1 hop AAA scenario) and that
there is no collusion between X& Z. We seem to be assuming a _lot_ of
honesty from our thieves.
Yes.
There are mitigating circumstances. AAA relationships leverage trust.
Continued trust depends on the parties continuing to meet expectations.
Lying about SSIDs violates trust.
Alan DeKok.
_______________________________________________
Emu mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/emu
--
Stefan WINTER
Ingenieur de Recherche
Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et de la
Recherche
6, rue Richard Coudenhove-Kalergi
L-1359 Luxembourg
Tel: +352 424409 1
Fax: +352 422473
_______________________________________________
Emu mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/emu
