From: Jim Warner <warner@ca...> - 2001-01-20 01:02:33
James Savage from York U said:
> While pondering all of this I started to wonder...do I really care
>about this? Is this really an issue for an educational institution? It
>wasn't that long ago we ran a shared ethernet network (wired) where
>users could 'sniff' in promiscuous mode undetected.
University of Cal campuses are very concerned that people not
associated with the University will come up to campus to connect
to our internet service. On another mailing list, this has been
referred to as "drive-by networking." It is within the traditional
role of the U to assure that its resources are used only as
Eavesdropping is a separate issue. We stopped doing shared networks
about the time we started doing residential networks. Given that
the technology to sniff is widespread now, it is probably not prudent
to put in a new system with that barn door.
>Finally, the goal of WIFI was to ensure 802.11 inter operability between
>manufacturers, but I have not seen any reference in this area (dynamic
I am more cynical than you are. The purpose of WIFI was to help
sell hardware. It was/is also designed to give the 802.11 crowd
a leg up on the home net competition. Interoperability was a
means, not an end. If it had been an end, it would have included
interoperability tests related to security.
> My intention was to allow users to buy any WIFI card they liked
>but if I use a particular methodology....it may(will?) not work for all
I have not heard any promises of interoperability between auth systems
from different vendors. You are hoping for more from WIFI than it
promises. It is possible that once 802.11x rolls out, it will be
adopted generally within the industry. Another possibility is to
take auth/encryption out of the domain of the access points by running
them back to your network with some sort of VPN gateway that only
permits authenticated users to "get out" to the real world.
-jim warner, UC Santa Cruz
Disclaimer: While my U is the same as the good sponsors of
this mailing list, I have no direct association with them.
They are not responsible for any of my views...