> I think this is the first main disagreement between us here. The
> EAP-TLS standard, RFC 5216, is pretty clear: """While the EAP server
> SHOULD require peer authentication, this is not mandatory, since
> there are circumstances in which peer authentication will not be
> needed (e.g., emergency services, as described in [UNAUTH]), or
> where the peer will authenticate via some other means.""" I think
> OpenWireless is a perfect example of the latter, where "peer
> authentication will not be needed", and is completely within the
> standard and not a hack. ... I was and still am amazed. (Does
> "there are circumstances" mean something else?? Is OpenWireless
> *not* such a circumstance?? I feel like I'm going crazy being 1 of 2
> people in the entire world who think so. Someone please tell me I'm
> not crazy! Someone agree with me! This is my MAIN point!)
I think I agree with you. You aren't crazy. I think most people on the list have not expressed agreement or disagreement, mostly because they don't understand the technologies that you are describing the details of. Myself, I did not know the 802.11 authentication protocols before now (beyond recalling that the original WEP was useless). I am only poking at them a bit now, as I try to understand your suggestion.

For openwireless readers who don't understand the protocols or the suggestion that californiajack is making, I recommend reading this 2010 document by Christopher Byrd:

  http://riosec.com/files/Open-Secure-Wireless.pdf

This describes the issue in a relatively nontechnical way, and also describes the proposed solution in an only slightly more technical way.

As I understand it, the basic suggestion is to use WPA-Enterprise but without any client certificate. This provides a unique key to each user of the access point, which means that other clients of the same access point (or a third party listening to the airwaves) can't read your TCP/IP traffic. (The classic WPA-PreSharedKey access points that are now commonly deployed allow other users to read the traffic of your node. The same is true of unsecured WiFi access points.)

Also, WPA-Enterprise without a client certificate avoids the need for users to know a "password" (as in WPA-PreSharedKey) and avoids the need for users to receive a "client certificate" (as in traditional WPA-Enterprise). The result is the higher security of WPA-Enterprise without the user hassle.

This requires changes in both access points and in clients, which is a downside. It does not violate the protocol specs, but the existing implementations have not allowed this possible way to use the specs, so they would need to be changed, if we agreed that this is the right way to go.

One caveat: There may be viable attacks on this variant of the protocol, since any node can impersonate the now-unidentified client. For example, can a third party do a "deauthentication attack", as they can do on WPA-PreSharedKey? I don't know, but I want a security expert to figure out the security implications.

Californiajack, I recommend that since Unauthenticated EAP-TLS is your main point, you should stick to it, and not get distracted into legal issues and such. Educate the mailing list on just how WiFi authentication works today, what's wrong with that, and how your proposal would change that for the better. See if you can build some consensus. We already have running code, so rough consensus, plus some document writing and committee politicking, is all that's required to make this an IETF standard.

    John Gilmore
    Electronic Frontier Foundation

_______________________________________________
Tech mailing list
[email protected]
https://srv1.openwireless.org/mailman/listinfo/tech
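The message above rests on one technical claim: with a shared passphrase every user of the access point ends up able to compute every other user's traffic key, whereas with EAP-TLS (with or without a client certificate) each session gets its own key. The following Python model is an added example, not code from the list post, from hostapd or from any OpenWireless project. It implements the real WPA2 key hierarchy from IEEE 802.11i (PBKDF2 passphrase-to-PMK mapping and the PRF-384 PTK derivation of the 4-way handshake) and then plays out a constructed scenario in which "Eve", herself a user of the same AP, sniffs "Alice's" 4-way handshake. The MAC addresses, nonces, SSID and passphrase are constructed; random bytes stand in for the per-session PMK that EAP-TLS derives from the TLS master secret (the first 32 bytes of the EAP MSK), because modelling the TLS exchange itself is beside the point.

```python
import hashlib
import hmac
import os

# Added illustrative model of the WPA2 key hierarchy (IEEE 802.11i).
# Not code from the list post, hostapd or any OpenWireless project.

PAIRWISE_LABEL = b"Pairwise key expansion"


def psk_to_pmk(passphrase: str, ssid: str) -> bytes:
    """WPA-PSK: PMK = PBKDF2-HMAC-SHA1(passphrase, SSID, 4096 iterations, 32 bytes).
    Every user of a shared-password network derives this same PMK."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def prf(key: bytes, label: bytes, data: bytes, nbytes: int) -> bytes:
    """802.11i PRF-n: HMAC-SHA1(key, label || 0x00 || data || i) for i = 0, 1, ..., concatenated."""
    out = b""
    i = 0
    while len(out) < nbytes:
        out += hmac.new(key, label + b"\x00" + data + bytes([i]), hashlib.sha1).digest()
        i += 1
    return out[:nbytes]


def derive_ptk(pmk: bytes, aa: bytes, spa: bytes, anonce: bytes, snonce: bytes) -> bytes:
    """4-way handshake: PTK = PRF-384(PMK, "Pairwise key expansion",
    min(AA,SPA) || max(AA,SPA) || min(ANonce,SNonce) || max(ANonce,SNonce)).
    Returns KCK(16) || KEK(16) || TK(16) for CCMP; the TK encrypts the station's unicast data."""
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    return prf(pmk, PAIRWISE_LABEL, data, 48)


def temporal_key(pmk, ap_mac, sta_mac, anonce, snonce) -> bytes:
    """The 16-byte CCMP temporal key, the part of the PTK that protects data frames."""
    return derive_ptk(pmk, ap_mac, sta_mac, anonce, snonce)[32:48]


def eavesdropper_recovers_tk(victim_pmk, eve_pmk, ap_mac, victim_mac, anonce, snonce) -> bool:
    """Everything in the 4-way handshake except the PMK (both MAC addresses, both nonces)
    is sent in the clear, so an eavesdropper reproduces the victim's TK exactly when
    the PMK she holds is the victim's PMK."""
    return (temporal_key(eve_pmk, ap_mac, victim_mac, anonce, snonce)
            == temporal_key(victim_pmk, ap_mac, victim_mac, anonce, snonce))


def compare_networks(anonce: bytes = None, snonce: bytes = None):
    """Returns (psk_readable, eap_readable) for a constructed scenario: Alice associates,
    and Eve, another user of the same AP, sniffs Alice's 4-way handshake."""
    ap_mac = bytes.fromhex("02000000000a")     # constructed, locally administered address
    alice_mac = bytes.fromhex("020000000001")  # constructed
    anonce = anonce or os.urandom(32)          # AP nonce, sent in the clear in message 1
    snonce = snonce or os.urandom(32)          # station nonce, sent in the clear in message 2

    # WPA2-PSK: the passphrase is the only secret, and a shared network hands it to every user.
    ssid, passphrase = "OpenWireless", "opennetwork"  # constructed
    shared_pmk = psk_to_pmk(passphrase, ssid)
    eve_pmk_from_passphrase = psk_to_pmk(passphrase, ssid)
    psk_readable = eavesdropper_recovers_tk(shared_pmk, eve_pmk_from_passphrase,
                                            ap_mac, alice_mac, anonce, snonce)

    # WPA2-Enterprise with EAP-TLS, client-authenticated or not: the PMK is the first
    # 32 bytes of the EAP MSK, which EAP-TLS derives from that session's TLS master secret.
    # Eve, even as a user of the same AP, only holds her own session's PMK.
    # Random bytes stand in for the TLS-derived keys here (constructed).
    alice_pmk = os.urandom(32)
    eve_pmk = os.urandom(32)
    eap_readable = eavesdropper_recovers_tk(alice_pmk, eve_pmk, ap_mac, alice_mac, anonce, snonce)
    return psk_readable, eap_readable


if __name__ == "__main__":
    psk, eap = compare_networks()
    print("WPA2-PSK : another user can compute Alice's TK:", psk)
    print("EAP-TLS  : another user can compute Alice's TK:", eap)
```

The model covers confidentiality only: the PTK derivation does not depend on whether the EAP server authenticated the peer, so an unauthenticated EAP-TLS session still yields a PMK that other users cannot compute. It says nothing about the deauthentication question raised above, which concerns management frames rather than data keys (deauthentication frames are unprotected unless 802.11w management frame protection is in use on both sides).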
