On 7/12/17 1:30 PM, Dave Crocker wrote: > On 7/11/2017 5:34 PM, Randy Bush wrote: >> o don't care as their threat model sees runnin' nekkid over the air as >> not a significant additional weakness, or >> >> o believe that they are using sufficient encryption at higher layers >> to meet their needs, or > > > Given that it is likely that at least one of the 1200 open-participation > IETF meeting attendees -- all of whom have access to the WiFi password > -- sometimes indulges in bad actor behavior, then it might be worth > clarifying exactly what the incremental benefit is, in having WiFi > encryption, if one is already using TLS liberally. wpa2 enterprise provides forward security, merely using the same username and password doesn't provide you with the ability to snoop other traffic. > (For extra credit, it would be interesting to see where this benefit is > already documented on the net.) > > d/ >
Attachment:
signature.asc
Description: OpenPGP digital signature