Will hack for food gets more professional. Anyone want to try it out for me on the IETF 78 LAN? http://www.wpacracker.com/faq.html It seems doubtful to me that this would work against a really well deployed network. But the fact that WPA2 can be deployed in dufus configuration should be considered a major protocol flaw. WPA2 was after all the fourth attempt the group made at making the protocol secure. It is not at all clear to me what level of expertise is required to do the job right or how to be confident that it is done right. The endpoints used in these protocols all have the ability to perform public key cryptography at acceptable speeds. Even if they did not, the price of 64Mb of flash memory is negligible these days and that is sufficient to store more than enough keys to maintain tens of thousands of session keys in the access point. We have the resources and the technology to do the job right. Why do we keep doing half measures that we know are wrong? I know this particular issue is an IEEE funeral, but isn't there a point where others decide to take responsibility? -- Website: http://hallambaker.com/ _______________________________________________ Ietf mailing list Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf