[ietf78-tech] auth token
Randy Bush
randy at psg.com
Sat Jun 26 13:13:41 PDT 2010
Joel Jaeggli wrote:
> Any string that contain a source of uniqueness is fine by me. Reg-ID
> plus email would be just dandy. as I've stated before I think it's
> already to late to enforce the this for everyone and that we need to
> confine it to a test environment as a result
pretty much agree, except for the last. i think part of the i*'s goal
set is testing a fully 'controlled' environment. the goals of the bag
of escape cookies at the desk were two-fold,
o folk who forgot reg-id and or reg-email
o folk who want privacy
Chris Elliott wrote:
> Why put more hardware in the data path? And use a known insecure
> method?
agree
> Let's use WPA/WPA2 with 802.1X and Radius.
does this give individual auth? is support gonna be driven nuts by folk
with laptop support issues?
Jim Martin wrote:
> Sigh.... Because this is the IETF and we have research-types with
> antiquated hardware, corporate types with locked down hardware,
> etc. We /MUST/ provide a solution that doesn't rely on the client
> being able to do .1x.
as i feared.
Chris Elliott wrote:
> Then at least let's have the switches doing the MAC address filtering
> and not put a bottleneck in the network.
does that scale to 2,000 filterees?
randy
More information about the ietf78-tech
mailing list