from the top of my head... ###What's bad for the user:
-Captive portal: no encryption over the air, pesky re-authentication and timeouts, no authentication of the infrastructure (yes, when you accept that SSL Cert from RADIUS you actually authenticate the infrastructure) -802.1X: finicky supplicants, and, without a good installer, long config instructions. Strongly authenticated (can't escape the system ;-) ###What's bad for the network engineer (and user stuff as well...): -Captive portal: CPU capacity of portal (802.11ac!!!), clients taking IP addresses and air time even if not authenticated, authentication can be defeated -802.1X: bugs from various vendors. A pain the troubleshoot when not working. Certificate Expiration and help desk calls resulting from it add yours! Philippe Philippe Hanset www.eduroam.us On Nov 19, 2013, at 2:10 PM, Jeff Kell <[email protected]> wrote: > On 11/19/2013 4:05 PM, Peter P Morrissey wrote: >> Can anyone name an application that does not have strong encryption? >> >> I'm not arguing against 802.1x, because it works very well for us as users >> don't have to authenticate constantly on a portal, and we seem to do a very >> good job getting them on initially, but I am having a hard time >> understanding the encryption benefits lately. > > Does FireSheep or Ettercap ring any bells? > > Jeff > > ********** > Participation and subscription information for this EDUCAUSE Constituent > Group discussion list can be found at http://www.educause.edu/groups/. > ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
