Narayanan, Vidya wrote: > >So, I assume that the issue with using 802.11i/WPA2 would be that it >requires an upgrade of APs? If EAPoUDP (as being discussed without any >keys for data traffic protection) were to be used, you would still have >to perform the MAC address-based access control to provide an equivalent >level of security as you have now. The only advantage then is the user >being prompted for a password as opposed to web-based login - perhaps >that is still a reasonable advantage, I am not sure. > > The replacement of web-based logins would indeed be very useful, because it assumes that web is being used and can be used. If a voice over IP phone moved from one network to another during a call, the user would not be pleased if a web login page appeared. Particularly if the user was in a call or the device had no screen that can reasonably run web :-) The user would probably be even less pleased if no login page appeared but packets stopped flowing. But its true that non-web-based logins can be achieved in multiple ways. --Jari _______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf