Re: [88attendees] WPA2 Enterprise WiFi?

Jason Fesler <jfesler@gigo.com> Fri, 08 November 2013 20:54 UTC

To: "Marco Davids (SIDN)" <marco.davids@sidn.nl>
Cc: Warren Kumari <warren@kumari.net>, "88attendees@ietf.org" <88attendees@ietf.org>

Never hurts to double-encrypt.

/me hugs his double-rot13.



On Fri, Nov 8, 2013 at 12:24 PM, Marco Davids (SIDN)
<marco.davids@sidn.nl> wrote:
> On 08/11/13 12:17, Warren Kumari wrote:
>
>>> If "ietf/ietf" generates different keys for each person that uses it, I
>>> guess we're good.
>>
>> Ah, yes. I understand now, we have been talking past each other…
>> WPA uses 802.1X EAPOL-Key packets to distribute per-session keys / there is a temporal key / hand wave hand wave. Everyone securely gets their own key...
>
> I believe I was put on the wrong track somewhere along the line. Most
> likely because of the same credentials we all use. Somehow in my mind I
> drew the wrong conclusion that perhaps we were doing WPA2-PSK (in spite
> of the .1x in the name), but that was obviously a stupid assumption.
>
> Thanks, good to know we're safe ;-)
>
> --
> Marco
> (and yes, I do use a VPN on top of 802.1x)



-- 
 Jason Fesler, email/jabber <jfesler@gigo.com> resume: http://jfesler.com
 "Give a man fire, and he'll be warm for a day;
 set a man on fire, and he'll be warm for the rest of his life."
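
Added example, not part of the original thread: a Python sketch of the IEEE 802.11i pairwise key derivation, showing why a shared "ietf/ietf" login under 802.1X still gives each station its own keys while a shared WPA2-PSK passphrase does not. The MAC addresses, the passphrase and the random stand-in for the EAP MSK are constructed for illustration; a real MSK comes out of the EAP method's TLS tunnel.

```python
import hashlib
import hmac
import os

AP = bytes.fromhex("020000000001")  # constructed AP MAC address


def prf(key, label, data, nbytes):
    """IEEE 802.11i PRF: HMAC-SHA1 over label || 0x00 || data || counter."""
    out, i = b"", 0
    while len(out) < nbytes:
        out += hmac.new(key, label + b"\x00" + data + bytes([i]), hashlib.sha1).digest()
        i += 1
    return out[:nbytes]


def ptk(pmk, aa, spa, anonce, snonce):
    """48-byte CCMP pairwise transient key (KCK | KEK | TK)."""
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    return prf(pmk, b"Pairwise key expansion", data, 48)


def psk_pmk(passphrase, ssid):
    """WPA2-PSK: the PMK is a pure function of passphrase and SSID."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def eap_pmk():
    """802.1X: the PMK is the first 32 bytes of a per-session MSK.
    Assumption: os.urandom stands in for the EAP/TLS-derived MSK."""
    return os.urandom(64)[:32]


def handshake(sta_mac, pmk):
    """Return the values visible on air and the PTK the station installs."""
    public = (AP, sta_mac, os.urandom(32), os.urandom(32))  # AA, SPA, ANonce, SNonce
    return public, ptk(pmk, *public)


def demo():
    alice = bytes.fromhex("020000000a01")  # constructed station MAC
    # WPA2-PSK: every user holds the same PMK, so any of them can
    # recompute Alice's PTK from the handshake values seen on air.
    shared = psk_pmk("constructed-passphrase", "ietf")
    public, alice_ptk = handshake(alice, shared)
    psk_exposed = ptk(shared, *public) == alice_ptk
    # 802.1X: same login, but each session negotiates its own PMK, so
    # another user's PMK does not reproduce Alice's PTK.
    alice_pmk, bob_pmk = eap_pmk(), eap_pmk()
    public, alice_ptk = handshake(alice, alice_pmk)
    eap_exposed = ptk(bob_pmk, *public) == alice_ptk
    return psk_exposed, eap_exposed
```

demo() returns (True, False): the PSK session keys are recoverable by any holder of the passphrase, the 802.1X ones are not.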