[90all] Security for the IETF wireless network

IETF Chair <chair@ietf.org> Thu, 24 July 2014 20:38 UTC

Return-Path: <chair@ietf.org>
X-Original-To: 90all@ietfa.amsl.com
Delivered-To: 90all@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 414E61B28C0; Thu, 24 Jul 2014 13:38:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.201
X-Spam-Level:
X-Spam-Status: No, score=-4.201 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sigtYatsF4Zd; Thu, 24 Jul 2014 13:38:46 -0700 (PDT)
Received: from mail.amsl.com (mail.amsl.com [4.31.198.40]) by ietfa.amsl.com (Postfix) with ESMTP id 4B73A1B27D7; Thu, 24 Jul 2014 13:38:46 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by c8a.amsl.com (Postfix) with ESMTP id 38E151E40EF; Thu, 24 Jul 2014 13:37:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
Received: from c8a.amsl.com ([127.0.0.1]) by localhost (c9a.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qo0wBIvHe8Kt; Thu, 24 Jul 2014 13:37:06 -0700 (PDT)
Received: from dhcp-9362.meeting.ietf.org (dhcp-9362.meeting.ietf.org [31.133.147.98]) by c8a.amsl.com (Postfix) with ESMTPSA id D74921E1890; Thu, 24 Jul 2014 13:37:05 -0700 (PDT)
Content-Type: text/plain; charset=windows-1252
Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.6\))
From: IETF Chair <chair@ietf.org>
Date: Thu, 24 Jul 2014 16:38:44 -0400
Content-Transfer-Encoding: quoted-printable
Message-Id: <0FE63216-9BE8-450F-80FB-D1DB6166DFEF@ietf.org>
To: 90all@ietf.org
X-Mailer: Apple Mail (2.1878.6)
Archived-At: http://mailarchive.ietf.org/arch/msg/90all/UdLVAlNeYwCTffCjRbkyWUYaYvk
X-Mailman-Approved-At: Fri, 25 Jul 2014 05:18:04 -0700
Cc: ietf-announce@ietf.org
Subject: [90all] Security for the IETF wireless network
X-BeenThere: 90all@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: IETF discussion list <ietf@ietf.org>
List-Id: <90all.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/90all>, <mailto:90all-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/90all/>
List-Post: <mailto:90all@ietf.org>
List-Help: <mailto:90all-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/90all>, <mailto:90all-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 24 Jul 2014 20:38:47 -0000

While many of us have been working on improved transport and other security mechanisms, I’d like to observe that the default wireless network we are using here in Toronto is unencrypted over the air.  I am not sure how good practice that is. And it is probably not a good example either.

Could we consider making 802.1X the default, for instance, starting in Honolulu meeting? At least in the sense of the ietf SSID providing security and perhaps ietf-nosec providing the current behaviour?

It would also be helpful if you try it now. The two SSIDs, ietf.1x and ietf-a.1x are available now, we recommend you use them and we would appreciate your reporting any problems. The user ID and password are both 'ietf' (sans quotes).

Jari Arkko
IETF Chair
(with input from some NOC people)