From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-ig0-f174.google.com (mail-ig0-f174.google.com [209.85.213.174]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by huchra.bufferbloat.net (Postfix) with ESMTPS id 05F7D21F60C for ; Thu, 18 Jun 2015 14:11:22 -0700 (PDT) Received: by igbqq3 with SMTP id qq3so1503761igb.0 for ; Thu, 18 Jun 2015 14:11:21 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=aW8j7pgVRPHvMchqJ3Q84HpYFbcXxhKDyS3N18a0C5Y=; b=VBiaZ4R4v1jgnSrT2qtQ/+itKpeeXqUkTcG6rISSL1Fo8O46hdYIOqMXWJjoFjJSSz E1Hg1rFu8kekNRJEFnJfwa6nKC67wO+GjValFrI8MrurunVFYICYWnbLdZJ6iSf5HWlT xaNP8t3SBGYiGlIZfUeSxPmAayN3NCGgPFwTYEv/GwghLLIhmA8PMCSKSiZAxq58T/65 ykzPXTabIp8NlZFJbud/gYbD6IlepyDSGuMVz8uLzcrmhmE7CshfwvOnYqTpBY+Pb+Ta 7epQLkpYSzwbHqHPkop9frw/Ov7+KYt1nHOhvYXnaeNErwdoJwA38ro4Qznd2DtNlsmr 4MiQ== X-Gm-Message-State: ALoCoQkIoLm8xqdI6Gxp1mciV7DhI82arQQ2LxkKTqTEGPQm57XJ3qdunYrOH5PCMxhbe50o2KXg MIME-Version: 1.0 X-Received: by 10.42.166.200 with SMTP id p8mr7934533icy.25.1434661881651; Thu, 18 Jun 2015 14:11:21 -0700 (PDT) Received: by 10.64.20.51 with HTTP; Thu, 18 Jun 2015 14:11:21 -0700 (PDT) In-Reply-To: <35B0D798-27F2-4146-A78A-AA0008C87DF9@selwastor.com> References: <35B0D798-27F2-4146-A78A-AA0008C87DF9@selwastor.com> Message-ID: From: Christopher Byrd To: Ranganathan Krishnan Content-Type: multipart/alternative; boundary=90e6ba6e8aded43cd40518d13f13 X-Mailman-Approved-At: Sat, 15 Aug 2015 08:48:03 -0700 Cc: "cerowrt-devel@lists.bufferbloat.net" Subject: Re: [Cerowrt-devel] [Ow-tech] Open secure wireless X-BeenThere: cerowrt-devel@lists.bufferbloat.net X-Mailman-Version: 2.1.13 Precedence: list List-Id: Development issues regarding the cerowrt test router project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Date: Thu, 18 Jun 2015 21:11:51 -0000 X-Original-Date: Thu, 18 Jun 2015 16:11:21 -0500 X-List-Received-Date: Thu, 18 Jun 2015 21:11:51 -0000 --90e6ba6e8aded43cd40518d13f13 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Yep, I'm here. Thanks for reading my research! If there are any questions about the technique, I'd be glad to answer them. While technically Open Secure Wireless works, the user experience is not acceptable. The biggest hurdle remains industry standards and client support. Christopher On Wed, Jun 17, 2015 at 5:31 PM, Ranganathan Krishnan wrote: > > > We have Chris Byrd from Riosec on the ow-tech mailing list. Check > out this thread from him last year : > > https://lists.eff.org/pipermail/ow-tech/2014-May/000031.html > > I have this feature enabled on the Openwireless APs. What is needed > is a campaign with the Client manufactureres (Google, Cyanogen, > Apple etc) to get them to fix the bugs in their implementation that > cause their clients to abort if no client certificate is installed -- eve= n > though the connection would succeed since the server will never > request the client cert. > > If there is interest in sustaining such a campaign with the Client > manufacturers, I will be happy to contribute. > > Cheers, > Ranga > > > > > On Jun 17, 2015, at 8:47 AM, Dave Taht wrote: > > > In the alphabet soup of wireless standards, I had not heard of 802.11u > > before now. > > > > http://www.riosec.com/articles/open-secure-wireless-20 > > > > > > ---------- Forwarded message ---------- > > From: Mitar > > Date: Wed, Jun 17, 2015 at 4:29 AM > > Subject: [Ow-tech] Open secure wireless > > To: ow-tech@lists.eff.org > > > > > > Hi! > > > > Reading this old post: > > > > https://www.eff.org/deeplinks/2011/04/open-wireless-movement > > > > I wanted to point some research done on this some time ago: > > > > http://www.riosec.com/articles/Open-Secure-Wireless > > > http://www.riosec.com/articles/Open-Secure-Wireless/Open-Secure-Wireless.= pdf > > > > And also some progress: > > > > http://www.riosec.com/articles/open-secure-wireless-20 > > > > If you are not doing that already, I think EFF should get on board of > > supporting those changes to the standard. > > > > (BTW, originally, as presented in 1.0 paper, WiFi standard does allow > > open and secure connections, just no operating system really > > implements it because they all first prompt for the password, before > > trying to connect to the encrypted WiFi network to figure out the > > password is really required.) > > > > > > Mitar > > > > -- > > http://mitar.tnode.com/ > > https://twitter.com/mitar_m > > _______________________________________________ > > Ow-tech mailing list > > Ow-tech@lists.eff.org > > https://lists.eff.org/mailman/listinfo/ow-tech > > > > > > -- > > Dave T=C3=A4ht > > What will it take to vastly improve wifi for everyone? > > https://plus.google.com/u/0/explore/makewififast > > _______________________________________________ > > Cerowrt-devel mailing list > > Cerowrt-devel@lists.bufferbloat.net > > https://lists.bufferbloat.net/listinfo/cerowrt-devel > > --90e6ba6e8aded43cd40518d13f13 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable

Yep, I'm here. Thanks for reading my research= ! If there are any questions about the technique, I'd be glad to answer= them. While technically Open Secure Wireless works, the user experience is= not acceptable. The biggest hurdle remains industry standards and client s= upport.=C2=A0

Christopher

On Wed, Jun 17, 2015 at 5:31 P= M, Ranganathan Krishnan <rk@selwastor.com> wrote:


We have Chris Byrd from Riosec on the ow-tech mailing list. Check
out this thread from him last year :

https://lists.eff.org/pipermail/ow-tech/= 2014-May/000031.html

I have this feature enabled on the Openwireless APs. What is needed
is a campaign with the Client manufactureres (Google, Cyanogen,
Apple etc) to get them to fix the bugs in their implementation that
cause their clients to abort if no client certificate is installed -- even<= br> though the connection would succeed since the server will never
request the client cert.

If there is interest in sustaining such a campaign with the Client
manufacturers, I will be happy to contribute.

Cheers,
Ranga




On Jun 17, 2015, at 8:47 AM, Dave Taht <dave.taht@gmail.com> wrote:

> In the alphabet soup of wireless standards, I had not heard of 802.11u=
> before now.
>
> http://www.riosec.com/articles/open-secur= e-wireless-20
>
>
> ---------- Forwarded message ----------
> From: Mitar <mmitar@gmail.com>
> Date: Wed, Jun 17, 2015 at 4:29 AM
> Subject: [Ow-tech] Open secure wireless
> To: ow-tech@lists.eff.org=
>
>
> Hi!
>
> Reading this old post:
>
> https://www.eff.org/deeplinks/2011/= 04/open-wireless-movement
>
> I wanted to point some research done on this some time ago:
>
> http://www.riosec.com/articles/Open-Secure-W= ireless
> http://www.riosec.c= om/articles/Open-Secure-Wireless/Open-Secure-Wireless.pdf
>
> And also some progress:
>
> http://www.riosec.com/articles/open-secur= e-wireless-20
>
> If you are not doing that already, I think EFF should get on board of<= br> > supporting those changes to the standard.
>
> (BTW, originally, as presented in 1.0 paper, WiFi standard does allow<= br> > open and secure connections, just no operating system really
> implements it because they all first prompt for the password, before > trying to connect to the encrypted WiFi network to figure out the
> password is really required.)
>
>
> Mitar
>
> --
> http://mitar.tnode.com/
> https://twitter.com/mitar_m
> _______________________________________________
> Ow-tech mailing list
> Ow-tech@lists.eff.org
> https://lists.eff.org/mailman/listinfo/ow-tech
>
>
> --
> Dave T=C3=A4ht
> What will it take to vastly improve wifi for everyone?
> https://plus.google.com/u/0/explore/makewififas= t
> _______________________________________________
> Cerowrt-devel mailing list
> Cerowrt-devel@l= ists.bufferbloat.net
> https://lists.bufferbloat.net/listinfo/ce= rowrt-devel


--90e6ba6e8aded43cd40518d13f13--