On Wed, 2008-07-02 at 11:09 -0400, Matthew Saltzman wrote: > Think about how accessing wireless systems works. If you have to > authenticate, then you have to be logged in to do it (or you have to > preconfigure it). If you are a mobile user, you may have to do it > several times--NM makes the process about as convenient as possible. > Authentication should be tied to a user: user A should not necessarily > be able to authenticate to user B's WAP unless user A also knows the > key. (Apropos another thread, that's why the keyring is used to store > encrypted keys.) This actually raises an interesting point. The various discussions of wireless authentication I've seen don't clearly distinguish between the user and the device in all cases. Sometimes they do (e.g. when using WPA in an enterprise mode which requires authenticating the actual user to a central server) and other times they don't (such as the very common PSK mode where everyone just knows the magic passphrase). What happens in the following scenario: User A logs in to his laptop and authenticates. Without logging out, User B comes along and logs in as well (on a different virtual console). Can User B now access the network without needing to authenticate again? If so, NM is treating the authentication as per-device, if not, then it's per-user. Does it depend on the WPA mode? I don't know. poc -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
