I use "IETF Legacy" because 1) it is easy 2) if you think encrypting your traffic over the first 50 feet is all you need to do, well what can I say. (and of course I understand Randy and probably everyone else on this thread does not think that) I'd use something else if it was as easy and worked as well - perhaps if we turned off Legacy, I would be forced to discover there was something I liked better but in general I am at IETF to get work done not to eat dog food. In general I think that the IETF has spent a good amount of time on "making it harder for the bad guys" but not enough time on making security "easy for the good guys". > On Jul 11, 2017, at 6:34 PM, Randy Bush <randy@xxxxxxx> wrote: > > the noc sees a quite large number of associations to the unencrypted > ietf-legacy ssid as opposed to say the encrypted ietf ssid > > some of us are wondering if those using ietf-legacy > > o do not realize it is completely unencrypted over the air, or > > o don't care as their threat model sees runnin' nekkid over the air as > not a significant additional weakness, or > > o believe that they are using sufficient encryption at higher layers > to meet their needs, or > > o other > > these days, some meetings do not provide unencrypted wifi at all and > seem not to get complaints. maybe their attendees are just geekier > and/or more security conscious. > > clue bat, please. unicast responses accepted too. > > randy >