Re: Admission Control to the IETF 78 and IETF 79 Networks
Chris Elliott <chelliot@pobox.com> Tue, 06 July 2010 15:59 UTC
Return-Path: <chelliot@gmail.com>
X-Original-To: ietf@core3.amsl.com
Delivered-To: ietf@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 8A78F3A65A6 for <ietf@core3.amsl.com>; Tue, 6 Jul 2010 08:59:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.976
X-Spam-Level:
X-Spam-Status: No, score=-1.976 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2lZTJpcxzdDe for <ietf@core3.amsl.com>; Tue, 6 Jul 2010 08:59:53 -0700 (PDT)
Received: from mail-gy0-f172.google.com (mail-gy0-f172.google.com [209.85.160.172]) by core3.amsl.com (Postfix) with ESMTP id 0FAAE3A63C9 for <ietf@ietf.org>; Tue, 6 Jul 2010 08:59:52 -0700 (PDT)
Received: by gyh3 with SMTP id 3so3448805gyh.31 for <ietf@ietf.org>; Tue, 06 Jul 2010 08:59:51 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:sender:reply-to:received :in-reply-to:references:date:x-google-sender-auth:message-id:subject :from:to:cc:content-type; bh=Fz/eeGThey8vlqgfxqj+zkmOWXHz6yJvyArnImXxjzE=; b=AUSAjiYZm/I1YzQuq3eNNTGS0X8VNCB4XUXCWs3SL+/jR0sZAzUaSXmWCN6jFHpCHs ZVXVKyUd+DPDdXilc7BSXJeaCk4TgkHj9CEXioJZfUT6d99alw+YL7xW1pSEjfq33QPc bhFhkRE7CEEwAg/xTdCZr42LVQStyVoBABRDw=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:sender:reply-to:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type; b=PAhcqWwPezejQzPiF7Jng/X3i5oFm0EiuXVMp7AGMnyRSU4VCfJozNjYmdETv7OQ8g jkcxspq9wopiYVs7E6iIGT9yWRvISV/S2mVMnDm3j8Yfa2Tduz2B1DEiuArPF9DnAxJe VNGnVw2XMXu1EPrzQcxVRoEzeMBHhOtmFKO3Q=
MIME-Version: 1.0
Received: by 10.103.252.15 with SMTP id e15mr1035867mus.67.1278431990933; Tue, 06 Jul 2010 08:59:50 -0700 (PDT)
Sender: chelliot@gmail.com
Received: by 10.231.113.34 with HTTP; Tue, 6 Jul 2010 08:59:50 -0700 (PDT)
In-Reply-To: <AANLkTilVmeg2Tgjgllg2yT3Oc34Y4ZuwXwl9U1ELfjhc@mail.gmail.com>
References: <CFB08C07-DE90-47BE-ADFF-FC72162BBFA1@daedelus.com> <4C2BBD51.2060605@ietf.org> <6.2.5.6.2.20100701070804.0c26b8a0@resistor.net> <6D6E25E2-057B-4591-9288-1283036D0374@cisco.com> <AANLkTinMFsrGyIy9bu5kzUiZqNmDbf7lpS-eht8h3hvP@mail.gmail.com> <CCD1D0AD-97DC-4CE0-9E27-CC75B5F47C54@muada.com> <AANLkTilVmeg2Tgjgllg2yT3Oc34Y4ZuwXwl9U1ELfjhc@mail.gmail.com>
Date: Tue, 06 Jul 2010 11:59:50 -0400
X-Google-Sender-Auth: 90sf0CsOV9ZATkW-UujrKokqa04
Message-ID: <AANLkTil0UTicDlXGeprBnWpM0JjaXm_PAL2J-XTBjxB1@mail.gmail.com>
Subject: Re: Admission Control to the IETF 78 and IETF 79 Networks
From: Chris Elliott <chelliot@pobox.com>
To: Phillip Hallam-Baker <hallam@gmail.com>
Content-Type: multipart/alternative; boundary="001636418641b06a54048aba2405"
Cc: Iljitsch van Beijnum <iljitsch@muada.com>, IETF Discussion <ietf@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: chelliot@pobox.com
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 06 Jul 2010 15:59:54 -0000
On Sat, Jul 3, 2010 at 3:13 PM, Phillip Hallam-Baker <hallam@gmail.com>wrote: > The usability of these systems suck. > > Any time a user has to think when the computer can think for them is a > failure. Every WiFi access control system I have ever used has > required me to configure the computer. > > If the designers had actual brains instead of bits of liver strapped > round their waist by dogbert then all that would be necessary to > securely authenticate to the network is to give either the MAC address > of the computer or the fingerprint of the cert. > MAC secure? Surely you jest. > This configuration is going to cost several minutes per participant. > Think of it on Enterprise scale and you have significant costs. > > > And the coffee shop scenario is not about authentication, its really > about getting acceptance of the terms of service. > > > On Sat, Jul 3, 2010 at 12:02 PM, Iljitsch van Beijnum > <iljitsch@muada.com> wrote: > > On 2 jul 2010, at 2:30, Phillip Hallam-Baker wrote: > > > >> It has taken ten years for WiFi to get to a state where an adequate > >> credential mechanism is supported, and it is still clunky. > > > > What are you talking about?? Enterprise type WPA where you authenticate > against a back end server has been around for years, and with WPA2 it > supports good encryption, too. > > > >> And they > >> still don't have a decent mechanism to support the typical coffee shop > >> type access mode. > > > > Well, you could use WPA(2) there too. People who don't have a working > account yet for the hotspot in question would then log in as guest, create > an account and then log in with that account. > > > > But I would argue that the IETF in general has ignored access control to > IP networks and how this interacts with provisioning of addresses and other > information once PPP was out the door. Look at the backflips that are > required to provide ethernet-based broadband access. Although we can > partially blame this on the lack of uptake of 802.1x which handles the > authentication, but that still makes (IP-over-)ethernet-based broadband > problematic because of its point-to-multipoint model that isn't appropriate > for providing services. > > > > > > > > -- > Website: http://hallambaker.com/ > _______________________________________________ > Ietf mailing list > Ietf@ietf.org > https://www.ietf.org/mailman/listinfo/ietf > -- Chris Elliott chelliot@pobox.com
- Re: Admission Control to the IETF 78 and IETF 79 … Martin Rex
- Admission Control to the IETF 78 and IETF 79 Netw… IETF Chair
- Re: Admission Control to the IETF 78 and IETF 79 … SM
- Re: Admission Control to the IETF 78 and IETF 79 … Fred Baker
- Re: Admission Control to the IETF 78 and IETF 79 … Olivier MJ Crepin-Leblond
- Re: Admission Control to the IETF 78 and IETF 79 … Dave CROCKER
- Re: Admission Control to the IETF 78 and IETF 79 … Andrew Sullivan
- Re: Admission Control to the IETF 78 and IETF 79 … Richard L. Barnes
- Re: Admission Control to the IETF 78 and IETF 79 … Ole Jacobsen
- Re: Admission Control to the IETF 78 and IETF 79 … Joel Jaeggli
- Re: Admission Control to the IETF 78 and IETF 79 … Marshall Eubanks
- Re: Admission Control to the IETF 78 and IETF 79 … Andrew Sullivan
- Re: Admission Control to the IETF 78 and IETF 79 … Iljitsch van Beijnum
- Re: Admission Control to the IETF 78 and IETF 79 … Ted Hardie
- Re: Admission Control to the IETF 78 and IETF 79 … Russ Housley
- Re: Admission Control to the IETF 78 and IETF 79 … Richard L. Barnes
- Re: Admission Control to the IETF 78 and IETF 79 … Russ Housley
- Re: Admission Control to the IETF 78 and IETF 79 … Russ Housley
- Re: Admission Control to the IETF 78 and IETF 79 … Russ Housley
- Re: Admission Control to the IETF 78 and IETF 79 … Richard L. Barnes
- Re: Admission Control to the IETF 78 and IETF 79 … Iljitsch van Beijnum
- Re: Admission Control to the IETF 78 and IETF 79 … Russ Housley
- Re: Admission Control to the IETF 78 and IETF 79 … David Conrad
- Re: Admission Control to the IETF 78 and IETF 79 … Joel Jaeggli
- Re: Admission Control to the IETF 78 and IETF 79 … Randy Bush
- Re: Admission Control to the IETF 78 and IETF 79 … Randy Bush
- Re: Admission Control to the IETF 78 and IETF 79 … Randy Bush
- Re: Admission Control to the IETF 78 and IETF 79 … Martin Rex
- Re: Admission Control to the IETF 78 and IETF 79 … Randy Bush
- Re: Admission Control to the IETF 78 and IETF 79 … John C Klensin
- Re: Admission Control to the IETF 78 and IETF 79 … Ole Jacobsen
- Re: Admission Control to the IETF 78 and IETF 79 … Russ Housley
- Re: Admission Control to the IETF 78 and IETF 79 … Michael StJohns
- Re: Admission Control to the IETF 78 and IETF 79 … Randy Bush
- Re: Admission Control to the IETF 78 and IETF 79 … Russ Housley
- Re: Admission Control to the IETF 78 and IETF 79 … Russ Housley
- free internet for ieters only Health
- Re: Admission Control to the IETF 78 and IETF 79 … Robert Moskowitz
- Re: Admission Control to the IETF 78 and IETF 79 … Douglas Otis
- Re: Admission Control to the IETF 78 and IETF 79 … SM
- Re: Admission Control to the IETF 78 and IETF 79 … Ole Jacobsen
- Re: Admission Control to the IETF 78 and IETF 79 … Bob Hinden
- Re: Admission Control to the IETF 78 and IETF 79 … Phillip Hallam-Baker
- Re: Admission Control to the IETF 78 and IETF 79 … SM
- Re: Admission Control to the IETF 78 and IETF 79 … Iljitsch van Beijnum
- Re: Admission Control to the IETF 78 and IETF 79 … Andrew G. Malis
- Re: Admission Control to the IETF 78 and IETF 79 … Marocco Enrico
- Re: Admission Control to the IETF 78 and IETF 79 … Ole Jacobsen
- Re: Admission Control to the IETF 78 and IETF 79 … Marocco Enrico
- Re: Admission Control to the IETF 78 and IETF 79 … Joel Jaeggli
- Re: Admission Control to the IETF 78 and IETF 79 … Phillip Hallam-Baker
- Re: Admission Control to the IETF 78 and IETF 79 … Chris Elliott
- Re: Admission Control to the IETF 78 and IETF 79 … tytso
- Re: Admission Control to the IETF 78 and IETF 79 … Mark Atwood
- Re: Admission Control to the IETF 78 and IETF 79 … Chris Elliott
- Re: Admission Control to the IETF 78 and IETF 79 … joel jaeggli
- Re: Admission Control to the IETF 78 and IETF 79 … Phillip Hallam-Baker
- Re: Admission Control to the IETF 78 and IETF 79 … Chris Elliott
- Re: Admission Control to the IETF 78 and IETF 79 … Chris Elliott
- Re: Admission Control to the IETF 78 and IETF 79 … Martin Rex
- Re: Admission Control to the IETF 78 and IETF 79 … Chris Elliott
- Re: Admission Control to the IETF 78 and IETF 79 … Douglas Otis
- Re: Admission Control to the IETF 78 and IETF 79 … Donald Eastlake
- Re: Admission Control to the IETF 78 and IETF 79 … Phillip Hallam-Baker
- Re: Admission Control to the IETF 78 and IETF 79 … Phillip Hallam-Baker
- Re: Admission Control to the IETF 78 and IETF 79 … Phillip Hallam-Baker
- Re: Admission Control to the IETF 78 and IETF 79 … Phillip Hallam-Baker
- Re: Admission Control to the IETF 78 and IETF 79 … Iljitsch van Beijnum
- Re: Admission Control to the IETF 78 and IETF 79 … Iljitsch van Beijnum
- Re: Admission Control to the IETF 78 and IETF 79 … IETF Chair
- RE: Admission Control to the IETF 78 and IETF 79 … Josh Howlett
- Re: Admission Control to the IETF 78 and IETF 79 … Phillip Hallam-Baker