* [Cerowrt-devel] Fwd: [Ow-tech] Open secure wireless [not found] <CAKLmikNCL9eOb+V7fU0gvF7g8U4sFWiTEMPbX7aTrfqp7=OAkA@mail.gmail.com> @ 2015-06-17 15:47 ` Dave Taht 2015-06-17 22:31 ` [Cerowrt-devel] " Ranganathan Krishnan 0 siblings, 1 reply; 4+ messages in thread From: Dave Taht @ 2015-06-17 15:47 UTC (permalink / raw) To: cerowrt-devel In the alphabet soup of wireless standards, I had not heard of 802.11u before now. http://www.riosec.com/articles/open-secure-wireless-20 ---------- Forwarded message ---------- From: Mitar <mmitar@gmail.com> Date: Wed, Jun 17, 2015 at 4:29 AM Subject: [Ow-tech] Open secure wireless To: ow-tech@lists.eff.org Hi! Reading this old post: https://www.eff.org/deeplinks/2011/04/open-wireless-movement I wanted to point some research done on this some time ago: http://www.riosec.com/articles/Open-Secure-Wireless http://www.riosec.com/articles/Open-Secure-Wireless/Open-Secure-Wireless.pdf And also some progress: http://www.riosec.com/articles/open-secure-wireless-20 If you are not doing that already, I think EFF should get on board of supporting those changes to the standard. (BTW, originally, as presented in 1.0 paper, WiFi standard does allow open and secure connections, just no operating system really implements it because they all first prompt for the password, before trying to connect to the encrypted WiFi network to figure out the password is really required.) Mitar -- http://mitar.tnode.com/ https://twitter.com/mitar_m _______________________________________________ Ow-tech mailing list Ow-tech@lists.eff.org https://lists.eff.org/mailman/listinfo/ow-tech -- Dave Täht What will it take to vastly improve wifi for everyone? https://plus.google.com/u/0/explore/makewififast ^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [Cerowrt-devel] [Ow-tech] Open secure wireless 2015-06-17 15:47 ` [Cerowrt-devel] Fwd: [Ow-tech] Open secure wireless Dave Taht @ 2015-06-17 22:31 ` Ranganathan Krishnan 2015-06-18 21:11 ` Christopher Byrd 0 siblings, 1 reply; 4+ messages in thread From: Ranganathan Krishnan @ 2015-06-17 22:31 UTC (permalink / raw) To: Dave Taht, Mitar, Christopher Byrd; +Cc: cerowrt-devel We have Chris Byrd from Riosec on the ow-tech mailing list. Check out this thread from him last year : https://lists.eff.org/pipermail/ow-tech/2014-May/000031.html I have this feature enabled on the Openwireless APs. What is needed is a campaign with the Client manufactureres (Google, Cyanogen, Apple etc) to get them to fix the bugs in their implementation that cause their clients to abort if no client certificate is installed -- even though the connection would succeed since the server will never request the client cert. If there is interest in sustaining such a campaign with the Client manufacturers, I will be happy to contribute. Cheers, Ranga On Jun 17, 2015, at 8:47 AM, Dave Taht <dave.taht@gmail.com> wrote: > In the alphabet soup of wireless standards, I had not heard of 802.11u > before now. > > http://www.riosec.com/articles/open-secure-wireless-20 > > > ---------- Forwarded message ---------- > From: Mitar <mmitar@gmail.com> > Date: Wed, Jun 17, 2015 at 4:29 AM > Subject: [Ow-tech] Open secure wireless > To: ow-tech@lists.eff.org > > > Hi! > > Reading this old post: > > https://www.eff.org/deeplinks/2011/04/open-wireless-movement > > I wanted to point some research done on this some time ago: > > http://www.riosec.com/articles/Open-Secure-Wireless > http://www.riosec.com/articles/Open-Secure-Wireless/Open-Secure-Wireless.pdf > > And also some progress: > > http://www.riosec.com/articles/open-secure-wireless-20 > > If you are not doing that already, I think EFF should get on board of > supporting those changes to the standard. > > (BTW, originally, as presented in 1.0 paper, WiFi standard does allow > open and secure connections, just no operating system really > implements it because they all first prompt for the password, before > trying to connect to the encrypted WiFi network to figure out the > password is really required.) > > > Mitar > > -- > http://mitar.tnode.com/ > https://twitter.com/mitar_m > _______________________________________________ > Ow-tech mailing list > Ow-tech@lists.eff.org > https://lists.eff.org/mailman/listinfo/ow-tech > > > -- > Dave Täht > What will it take to vastly improve wifi for everyone? > https://plus.google.com/u/0/explore/makewififast > _______________________________________________ > Cerowrt-devel mailing list > Cerowrt-devel@lists.bufferbloat.net > https://lists.bufferbloat.net/listinfo/cerowrt-devel ^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [Cerowrt-devel] [Ow-tech] Open secure wireless 2015-06-17 22:31 ` [Cerowrt-devel] " Ranganathan Krishnan @ 2015-06-18 21:11 ` Christopher Byrd 2015-06-18 21:35 ` Mitar 0 siblings, 1 reply; 4+ messages in thread From: Christopher Byrd @ 2015-06-18 21:11 UTC (permalink / raw) To: Ranganathan Krishnan; +Cc: cerowrt-devel [-- Attachment #1: Type: text/plain, Size: 3026 bytes --] Yep, I'm here. Thanks for reading my research! If there are any questions about the technique, I'd be glad to answer them. While technically Open Secure Wireless works, the user experience is not acceptable. The biggest hurdle remains industry standards and client support. Christopher On Wed, Jun 17, 2015 at 5:31 PM, Ranganathan Krishnan <rk@selwastor.com> wrote: > > > We have Chris Byrd from Riosec on the ow-tech mailing list. Check > out this thread from him last year : > > https://lists.eff.org/pipermail/ow-tech/2014-May/000031.html > > I have this feature enabled on the Openwireless APs. What is needed > is a campaign with the Client manufactureres (Google, Cyanogen, > Apple etc) to get them to fix the bugs in their implementation that > cause their clients to abort if no client certificate is installed -- even > though the connection would succeed since the server will never > request the client cert. > > If there is interest in sustaining such a campaign with the Client > manufacturers, I will be happy to contribute. > > Cheers, > Ranga > > > > > On Jun 17, 2015, at 8:47 AM, Dave Taht <dave.taht@gmail.com> wrote: > > > In the alphabet soup of wireless standards, I had not heard of 802.11u > > before now. > > > > http://www.riosec.com/articles/open-secure-wireless-20 > > > > > > ---------- Forwarded message ---------- > > From: Mitar <mmitar@gmail.com> > > Date: Wed, Jun 17, 2015 at 4:29 AM > > Subject: [Ow-tech] Open secure wireless > > To: ow-tech@lists.eff.org > > > > > > Hi! > > > > Reading this old post: > > > > https://www.eff.org/deeplinks/2011/04/open-wireless-movement > > > > I wanted to point some research done on this some time ago: > > > > http://www.riosec.com/articles/Open-Secure-Wireless > > > http://www.riosec.com/articles/Open-Secure-Wireless/Open-Secure-Wireless.pdf > > > > And also some progress: > > > > http://www.riosec.com/articles/open-secure-wireless-20 > > > > If you are not doing that already, I think EFF should get on board of > > supporting those changes to the standard. > > > > (BTW, originally, as presented in 1.0 paper, WiFi standard does allow > > open and secure connections, just no operating system really > > implements it because they all first prompt for the password, before > > trying to connect to the encrypted WiFi network to figure out the > > password is really required.) > > > > > > Mitar > > > > -- > > http://mitar.tnode.com/ > > https://twitter.com/mitar_m > > _______________________________________________ > > Ow-tech mailing list > > Ow-tech@lists.eff.org > > https://lists.eff.org/mailman/listinfo/ow-tech > > > > > > -- > > Dave Täht > > What will it take to vastly improve wifi for everyone? > > https://plus.google.com/u/0/explore/makewififast > > _______________________________________________ > > Cerowrt-devel mailing list > > Cerowrt-devel@lists.bufferbloat.net > > https://lists.bufferbloat.net/listinfo/cerowrt-devel > > [-- Attachment #2: Type: text/html, Size: 5117 bytes --] ^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [Cerowrt-devel] [Ow-tech] Open secure wireless 2015-06-18 21:11 ` Christopher Byrd @ 2015-06-18 21:35 ` Mitar 0 siblings, 0 replies; 4+ messages in thread From: Mitar @ 2015-06-18 21:35 UTC (permalink / raw) To: Christopher Byrd; +Cc: cerowrt-devel Hi! So, what can we do to change this? Mitar On Thu, Jun 18, 2015 at 2:11 PM, Christopher Byrd <chris@riosec.com> wrote: > > Yep, I'm here. Thanks for reading my research! If there are any questions > about the technique, I'd be glad to answer them. While technically Open > Secure Wireless works, the user experience is not acceptable. The biggest > hurdle remains industry standards and client support. > > Christopher > > On Wed, Jun 17, 2015 at 5:31 PM, Ranganathan Krishnan <rk@selwastor.com> > wrote: >> >> >> >> We have Chris Byrd from Riosec on the ow-tech mailing list. Check >> out this thread from him last year : >> >> https://lists.eff.org/pipermail/ow-tech/2014-May/000031.html >> >> I have this feature enabled on the Openwireless APs. What is needed >> is a campaign with the Client manufactureres (Google, Cyanogen, >> Apple etc) to get them to fix the bugs in their implementation that >> cause their clients to abort if no client certificate is installed -- even >> though the connection would succeed since the server will never >> request the client cert. >> >> If there is interest in sustaining such a campaign with the Client >> manufacturers, I will be happy to contribute. >> >> Cheers, >> Ranga >> >> >> >> >> On Jun 17, 2015, at 8:47 AM, Dave Taht <dave.taht@gmail.com> wrote: >> >> > In the alphabet soup of wireless standards, I had not heard of 802.11u >> > before now. >> > >> > http://www.riosec.com/articles/open-secure-wireless-20 >> > >> > >> > ---------- Forwarded message ---------- >> > From: Mitar <mmitar@gmail.com> >> > Date: Wed, Jun 17, 2015 at 4:29 AM >> > Subject: [Ow-tech] Open secure wireless >> > To: ow-tech@lists.eff.org >> > >> > >> > Hi! >> > >> > Reading this old post: >> > >> > https://www.eff.org/deeplinks/2011/04/open-wireless-movement >> > >> > I wanted to point some research done on this some time ago: >> > >> > http://www.riosec.com/articles/Open-Secure-Wireless >> > >> > http://www.riosec.com/articles/Open-Secure-Wireless/Open-Secure-Wireless.pdf >> > >> > And also some progress: >> > >> > http://www.riosec.com/articles/open-secure-wireless-20 >> > >> > If you are not doing that already, I think EFF should get on board of >> > supporting those changes to the standard. >> > >> > (BTW, originally, as presented in 1.0 paper, WiFi standard does allow >> > open and secure connections, just no operating system really >> > implements it because they all first prompt for the password, before >> > trying to connect to the encrypted WiFi network to figure out the >> > password is really required.) >> > >> > >> > Mitar >> > >> > -- >> > http://mitar.tnode.com/ >> > https://twitter.com/mitar_m >> > _______________________________________________ >> > Ow-tech mailing list >> > Ow-tech@lists.eff.org >> > https://lists.eff.org/mailman/listinfo/ow-tech >> > >> > >> > -- >> > Dave Täht >> > What will it take to vastly improve wifi for everyone? >> > https://plus.google.com/u/0/explore/makewififast >> > _______________________________________________ >> > Cerowrt-devel mailing list >> > Cerowrt-devel@lists.bufferbloat.net >> > https://lists.bufferbloat.net/listinfo/cerowrt-devel >> > -- http://mitar.tnode.com/ https://twitter.com/mitar_m ^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2015-06-18 21:34 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
[not found] <CAKLmikNCL9eOb+V7fU0gvF7g8U4sFWiTEMPbX7aTrfqp7=OAkA@mail.gmail.com>
2015-06-17 15:47 ` [Cerowrt-devel] Fwd: [Ow-tech] Open secure wireless Dave Taht
2015-06-17 22:31 ` [Cerowrt-devel] " Ranganathan Krishnan
2015-06-18 21:11 ` Christopher Byrd
2015-06-18 21:35 ` Mitar
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox