[OpenWireless Tech] Eventual (long term) solutions

John Gilmore gnu at toad.com
Thu Nov 29 19:44:12 PST 2012


> I appreciate the improved security of WPA while lamenting
> the disappearance of open WiFi.   ...
> The eventual solution is probably something like an OpenID service for
> 802.1X with access points advertising their participation via 802.11u.

Just because OpenID has "open" in its name does not mean it is good.
It's a protocol for identifying yourself.

If people (eventually) need to use OpenID to access an access point,
then it isn't an open access point.  There is no point in
authenticating yourself to an open port -- it would be like
authenticating the AC power plug you stick in the wall socket, or
authenticating the Ethernet cable you plug into a switch port.  We
could build power sockets and Ethernet switches that way, but if we
did, only niche markets would use them.  Everybody else would just
keep using the open ones that don't hassle you when you try to use
'em.  (HDMI requires authentication every time it gets plugged in, due
to its origins in Hollywood cartel DRM and the Intel monopoly, and
it's caused endless hassle to consumers.)

I think a better eventual solution is to provide a WPA-like protocol
that doesn't assign the exact same key to everyone who supplies the
same password (WPA does that, oops!).  If the protocol did
Diffie-Hellman, then each node that connects would get a unique key,
that is shared only with the access point.  This protocol could be
used both on the WPA (restricted, personal) side of the access point,
and on the open (unrestricted, public) side.  Any WiFi node that used
this protocol would protect itself from its traffic being sniffed by
anyone except the access point itself.  Doing this would require
working in the 802.11 standards committees to define and find
agreement on such a protocol, to be deployed in future WiFi hardware.
WiFi keeps evolving quickly, with new generations every few years,
so there is plenty of opportunity to improve the security protocols
in subsequent generations.

	John
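An added example, not part of the post or the list archive, that makes the contrast concrete in Python: WPA/WPA2-Personal's pairwise master key derivation (the documented PBKDF2 over passphrase and SSID, so two clients with the same password get the identical PMK) beside an X25519 Diffie-Hellman exchange (RFC 7748) in which each client ends up with a session key shared only with the access point. The passphrase, SSID and key pairs are constructed sample values; the exchange is unauthenticated, which is the open-side case the post describes.

```python
import hashlib
import os

# WPA/WPA2-Personal PMK = PBKDF2-HMAC-SHA1(passphrase, SSID, 4096 iterations, 32 bytes),
# per IEEE 802.11i: everyone who types the same password on the same SSID gets the same PMK.
def wpa_psk_pmk(passphrase: str, ssid: str) -> bytes:
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)

# X25519 Diffie-Hellman (RFC 7748 Montgomery ladder) in pure Python; illustrative only,
# no attempt at constant time.
P = 2**255 - 19
def x25519(scalar: bytes, u: bytes) -> bytes:
    k = bytearray(scalar)
    k[0] &= 248; k[31] &= 127; k[31] |= 64                # clamp the scalar (RFC 7748 s.5)
    k = int.from_bytes(k, "little")
    x1 = int.from_bytes(u, "little") & ((1 << 255) - 1)  # ignore bit 255 of the u-coordinate
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in range(254, -1, -1):
        kt = (k >> t) & 1
        swap ^= kt
        if swap:
            x2, x3, z2, z3 = x3, x2, z3, z2
        swap = kt
        a, b = (x2 + z2) % P, (x2 - z2) % P
        aa, bb = a * a % P, b * b % P
        e = (aa - bb) % P
        c, d = (x3 + z3) % P, (x3 - z3) % P
        da, cb = d * a % P, c * b % P
        x3, z3 = (da + cb) ** 2 % P, x1 * (da - cb) ** 2 % P
        x2, z2 = aa * bb % P, e * (aa + 121665 * e) % P
    if swap:
        x2, x3, z2, z3 = x3, x2, z3, z2
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")

BASEPOINT = (9).to_bytes(32, "little")
def dh_keypair():
    sk = os.urandom(32)                                   # fresh ephemeral key per association
    return sk, x25519(sk, BASEPOINT)

def dh_session_key(my_sk: bytes, peer_pk: bytes) -> bytes:
    return hashlib.sha256(x25519(my_sk, peer_pk)).digest()  # hash the shared point into a key

def compare(passphrase="correct horse", ssid="OpenWireless"):  # constructed sample values
    """Two clients join one AP with the same password: the PMKs collide, the DH keys do not."""
    ap_sk, ap_pk = dh_keypair()
    c1_sk, c1_pk = dh_keypair()
    c2_sk, c2_pk = dh_keypair()
    return {
        "pmk_client1": wpa_psk_pmk(passphrase, ssid),
        "pmk_client2": wpa_psk_pmk(passphrase, ssid),
        "dh_client1": dh_session_key(c1_sk, ap_pk),        # what client 1 derives
        "dh_client1_at_ap": dh_session_key(ap_sk, c1_pk),  # what the AP derives for client 1
        "dh_client2": dh_session_key(c2_sk, ap_pk),        # client 2 ends up with a different key
    }
```

A passive listener who knows the passphrase can reproduce every PMK in the first scheme; in the second it sees only the two public values and has nothing to replay, which is the property the post asks the 802.11 committees to standardise.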