[145383] in cryptography@c2.net mail archive
Re: MITM attack against WPA2-Enterprise?
daemon@ATHENA.MIT.EDU (Chris Palmer)
Sun Jul 25 21:14:10 2010
Date: Sun, 25 Jul 2010 15:30:21 -0700
From: Chris Palmer <chris@noncombatant.org>
To: "Perry E. Metzger" <perry@piermont.com>
Cc: Cryptography List <cryptography@metzdowd.com>
In-Reply-To: <20100725180848.1e167426@jabberwock.cb.piermont.com>
Perry E. Metzger writes:
> All in all, this looks bad for anyone depending on WPA2 for high security.
Luckily, that describes nobody, right?
;D
I used to think that non-end-to-end security mechanisms were wastefully
pointless, but adorably harmless. However, in my experience people keep
using link-layer garbage (and network-layer trash, and support protocol
junk) as a way to put off the hard work of real (i.e. E2E) security.
Non-E2E stuff hurts usability, availability, and security (by creating a
false sense).
Of course, we E2E fans have to get our usable security ducks in a row first.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
