Re: [saag] Would love some feedback on Opportunistic Wireless Encryption

Josh Howlett <Josh.Howlett@jisc.ac.uk> Fri, 28 August 2015 09:47 UTC

From: Josh Howlett <Josh.Howlett@jisc.ac.uk>
To: Stefan Winter <stefan.winter@restena.lu>, "saag@ietf.org" <saag@ietf.org>
Date: Fri, 28 Aug 2015 10:47:22 +0100
Archived-At: <http://mailarchive.ietf.org/arch/msg/saag/5a8RY4WGrUoB3gD-3Pqi3XtdHpk>

> So, what exactly are we winning with this approach?

+1

I would also be concerned about unintended consequences arising from users drawing incorrect expectations of the security yielded by this approach. It does confer some additional protection but in a very qualified way; and in ways that are impossible for a layman to understand. It could encourage users to attribute too much trust to the network, in ways that they wouldn't with an "open" network. This is a general issue with OE, of course.

FWIW, at least in the UK most public WiFi access is captive portal, provided by a relatively small number of operators. In practice therefore I doubt there would be a market for this.

Josh.
