On 2 jul 2010, at 2:30, Phillip Hallam-Baker wrote: > It has taken ten years for WiFi to get to a state where an adequate > credential mechanism is supported, and it is still clunky. What are you talking about?? Enterprise type WPA where you authenticate against a back end server has been around for years, and with WPA2 it supports good encryption, too. > And they > still don't have a decent mechanism to support the typical coffee shop > type access mode. Well, you could use WPA(2) there too. People who don't have a working account yet for the hotspot in question would then log in as guest, create an account and then log in with that account. But I would argue that the IETF in general has ignored access control to IP networks and how this interacts with provisioning of addresses and other information once PPP was out the door. Look at the backflips that are required to provide ethernet-based broadband access. Although we can partially blame this on the lack of uptake of 802.1x which handles the authentication, but that still makes (IP-over-)ethernet-based broadband problematic because of its point-to-multipoint model that isn't appropriate for providing services. _______________________________________________ Ietf mailing list Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf