Hi, > It is my personal experience that open SSIDs are more trouble than they are > worth. Open means open, trying to shoe-horn security into it makes trouble > for everyone. I can't tell you how much trouble i have been through because > people want the ease of open SSIDs with the security of WPA2 Enterprise ... > it simply does not exist. >
Since the topic comes to the discussion, I was approached by a SOWA (Secure Open Wireless Access) guy at Defcon: http://blogs.iss.net/archive/SownCode.html Infrastructure is auth by SSL (CN matches SSID), client-side doesn't authenticate, pretty much like HTTPS works 99,9999% of the time. It's *very* clever but unfortunately requires small client side changes so convincing the OS vendors is necessary. Anyways, after I'm done with some more fingerbank work, I would like to work on making SOWA possible. PacketFence, as a turnkey RADIUS provider, is in a good position to at least demo it. Anyone want to help? Cheers! -- Olivier Bilodeau [email protected] :: +1.514.447.4918 *115 :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (www.packetfence.org) ------------------------------------------------------------------------------ Virtualization & Cloud Management Using Capacity Planning Cloud computing makes use of virtualization - but cloud computing also focuses on allowing computing to be delivered as a service. http://www.accelacomm.com/jaw/sfnl/114/51521223/ _______________________________________________ Packetfence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
