On 3/28/06, coderman <coderman@gmail.com> wrote:
...
- why "wireless"? we believe that wireless is the most robust form of communication when implemented properly*. we also believe that any communication between secure domains should be considered public and open to active attackers (like wireless is). for this reason strong privacy and authentication must always be used for secure network communication. a proper wireless implementation can transmit datagrams in an injection style manner and receive any datagrams in a monitor style manner. all packets received must be authenticated before passing up to higher level (IP/etc) stacks. all unauthenticated packets must be dropped silently. the rate of transmit should be as low as possible while still retaining sufficient communication bandwidth. the rate of transmit should also be considerate to the needs of others who can hear your transmission and may defer theirs accordingly. deference should not open up denial of service vulnerabilities but is encouraged when possible to provide a cooperative multi-network with sufficient bandwidth for all. [the technical complexity of this is high and we are being intentionally vague at this point until further refinements are in place and this can be described in detail via working implementation on atheros / prism2 hardware that does not DoS other wireless technologies. 802.11 is a good example of an improper implementation that is trivial to DoS via spoofed packets at the MAC layer (deauth/disassoc injection).]
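A sketch of the receive rule stated above (authenticate every frame before it reaches the IP stack, drop everything else without a reply), given as an added example that is not part of the original post or of any implementation by its author. A forged control frame, the analogue of a spoofed 802.11 deauth, is handled like any other unauthenticated frame. Assumptions: the frame layout, the pre-shared key, the truncated HMAC-SHA256 tag, the frame-type values and the counter-based replay check are all hypothetical, since the post describes no wire format.

```python
import hashlib
import hmac
import struct

TAG_LEN = 16                      # truncated HMAC-SHA256 tag (assumed size)
HEADER = struct.Struct("!BQ")     # frame type (1 byte) + counter (8 bytes)
DATA, TEARDOWN = 0, 1             # hypothetical frame types


def seal(key: bytes, ftype: int, counter: int, payload: bytes) -> bytes:
    """Build header || payload || tag; the tag covers header and payload."""
    body = HEADER.pack(ftype, counter) + payload
    tag = hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]
    return body + tag


class Receiver:
    """Verifies every frame before anything is passed up the stack."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_counter = -1    # highest counter accepted so far
        self.dropped = 0          # local statistic only, never sent on air

    def receive(self, frame: bytes):
        """Return (ftype, payload) for an authentic, fresh frame, else None.

        A rejected frame produces no reply and no error, and it does not
        change the replay state: it is dropped silently.
        """
        if len(frame) < HEADER.size + TAG_LEN:
            return self._drop()
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()[:TAG_LEN]
        if not hmac.compare_digest(tag, expected):   # constant-time compare
            return self._drop()
        ftype, counter = HEADER.unpack_from(body)
        if counter <= self.last_counter:             # replayed or stale frame
            return self._drop()
        self.last_counter = counter
        return ftype, body[HEADER.size:]

    def _drop(self):
        self.dropped += 1
        return None
```

Because the type field is covered by the tag, a control frame is only acted on when it verifies, which is the property unauthenticated deauth/disassoc frames lack.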