On Mar 11, 2011, at 11:03 AM, Martin Rex wrote: > Phillip Hallam-Baker wrote: >> >> 1) WPA/WPA2 is not an end to end protocol by any stretch of imagination. >> It is link layer security. > > It is a 100% end-to-end security protocol. > I'm reminded of those signs saying "Repent! The end is closer than you think!" I think we have different ends in mind here. In the real-time community, we usually think of WPA2 as an "end to middle" security protocol, in that it doesn't protect the entire path from Alice to Bob unless both are running on the same ad-hoc wireless network. It does protect the specific link, say from Alice to her access-point, but does nothing to keep the access point itself from mirroring the cleartext onto another port. -- Dean _______________________________________________ Ietf mailing list Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf