[OpenWireless Tech] welcome and EFF's roadmap

Dan Auerbach dan at eff.org
Thu Nov 1 15:21:23 PDT 2012 

Hi everyone,

Welcome! Now that openwireless.org has launched and more folks have
joined this list, I wanted to give an idea of the technical roadmap that
we had in mind for open wifi projects. Note that while this list has
been silent for a while, there was a spate of discussion in July/August
of last year and you are welcome to check the archives:
https://srv1.openwireless.org/pipermail/tech/.

Your participation in this is essential -- we have limited technical
resources at EFF. If we're going to make and popularize usable and
secure open wireless products, we need folks with expertise and
experience who can step in and be the focal points for various projects.

Here's the lay of the land as I see. First, our roadmap at EFF centers
around 3 projects:

1. Awesome open source router* firmware
    + Shorter-term project.
    + Based on OpenWRT (or dd-wrt, Tomato, etc).
    + Emphasis on reliability and usability. Zero conf / simple UI.
    + Should create guest network with "openwireless.org" ssid that is
de-prioritized (e.g.  QoS).
    + Bonus: convince OEMs to ship with this firmware.

2. VPN for open wireless networks
    + VPNs help protect people operating open networks (i.e. all users'
traffic routed to VPN; police won't knock down your door).
    + Network operators can pay for and configure a VPN right now, but
we want to make this easier and cheaper, and to identify trusted VPNs
with good policies when it comes to data retention, etc.
    + VPNs also provide a potential way to secure user traffic on an
open network; providing first-hop encryption may require client-side
changes.
    + Users should also be able to use a "home" VPN network (their home
network turned into a VPN) when using an open network, which may be
possible with changes to home router software.

3. Client-side changes for open wifi
    + Connecting to open networks is a pain for users right now; users
ideally shouldn't have to even think about the connection and it should
just work (and actually connect to the Internet without a captive portal).
    + Networks need to have a way to communicate policies to the user
(e.g. "low bandwidth"; "here are our TOS"; "please only use if you have
no other internet connection"); clients need to have a way to understand
and abide by policies broadcast by a network.
    + Clients should ideally be able to quickly and automatically test
networks and choose the "best" one based on tests and policies. This
should be feasible as wifi initial connections get faster -- I think
there is an 802.11 standard for this.

In addition to our roadmap, two ideas surfaced from the discussion last
year that we think are valuable, but that we are not focusing on right
now. These are also very challenging.

4. 802.11 standard(s)
    + Create a standard that allows for any client without credentials
to access to AP
    + Better or equal than WPA2 security in terms of first-hop security
    + AP authentication is a challenge; could do passive encryption only
(e.g. EAP-based solutions)
    + Work with IEEE process

5. Mesh Networking
    + This is a whole field of interest in and of itself, and I'm not
qualified to give an outline of the various areas that people are
working on. Perhaps someone could step in and provide some background
and roadmap for this project?

If you would like to be involved in any of these projects or have ideas
about them, please reply here. If you already are working on 1-3 above,
we at EFF would especially be interested to collaborate and leverage
your know-how. (Or if you know where we can get financial resources, we
are fundraising for this so please let us know that as well.) Finally,
if you would like to lead an effort in any of these project areas, and
want to galvanize people around an idea, that's great too. For 4-5 and
other issue areas, we may be less actively involved but encourage people
to use this list as a gathering point for project ideas and other
discussions.

Looking forward to fruitful discussions and work together.

Cheers,
Dan

-- 
Dan Auerbach
Staff Technologist
Electronic Frontier Foundation
dan at eff.org
415 436 9333 x134

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.eff.org/pipermail/tech/attachments/20121101/ef84a1bb/attachment.html>

More information about the Tech mailing list