Re: Channel binding is great but not a silver bullet

Jeffrey Hutzelman wrote:
> 
> Actually, I believe in the specific case of Starbucks, the network
> operator running the network is T-Mobile,

  AT&T for at least a year:

http://wifinetnews.com/archives/2008/02/t-mobile_loses_starbucks_att_becomes_wi-fi_hotspot_giant.html

  Though the migration is taking time.

> and so probably actually
> _does_ know something about it.  At least, at the macro level.

  No offense to T-Mobile (or anyone else), but managing 1000's of
hotspots is hard.  When you add large companies who want to use that
network, it becomes nearly impossible.

  We have had a poor response rate from companies wanting to roll out a
global WiFi network.  "Authentication?  What's that?  Why can't we just
have every  WiFi network operator white-list our devices/users/traffic?"

  Really.  So all this talk about PKI && certs is "pie in the sky".  We
can't even convince major players to use *passwords*.

> But the point stands -- coffee houses are not network operators and they
> are not federated identity service providers.  They are purveyors of
> concentrated liquid evil, and the occasional cup of tea.

  And their network providers are getting squeezed.  No matter what
T-Mobile does, their revenue from these locations is pretty low, and the
user and corporate demands are high.

  Alan DeKok.