[OpenWireless Tech] Categories of solutions
Peter Eckersley
pde at eff.org
Thu Jul 28 12:18:29 PDT 2011
On Thu, Jul 28, 2011 at 01:31:33AM +0200, Natanael wrote:
> As EFF said, we have to use asymmetric encryption.
> How to authenticate the networks and avoid MITM is a difficult one since
> it's almost impossible to tell a stranger that is honest from one that is
> not (more so when dealing with electronics instead of humans).
>
As another thread is currently debating, there are at least three ways to
approach this problem:
1. Authenticate the networks by some means
2. Don't authenticate the networks, but encourage the use of tools (like
HTTPS Everywhere) that protect users to a significant degree even if
they land on a malicious network
3. Make VPNs an expected part of the infrastructure
Each of these routes has advantages, disadvantages, and many ways you could
try to follow it. It might be good to settle on one, or it might be okay to
support a couple of these approaches if that can be made simple and
comprehensible enough for network operators.
--
Peter Eckersley pde at eff.org
Senior Staff Technologist Tel +1 415 436 9333 x131
Electronic Frontier Foundation Fax +1 415 436 9993
More information about the Tech
mailing list