Wireless activation improvements.

Greg Smith gregsmitholpc at gmail.com
Thu Dec 11 09:49:05 EST 2008 

Hi Michael,

This is definitely a must have/must fix item for 9.1.0. It is needed by 
Ethiopia and other deployments. It may be used in a "warehouse" where 
the XOs are prepared as opposed to in a school where we assume there is 
less ability to change/tweak the AP ESSID. I'll try to get more feedback 
on that but right now my impression is that the primary use case is in a 
warehouse.

I was treating it like a bug so it didn't have a full write up on the 
Feature page. I see there is some design needed so I'll make a section 
for it here: 
http://wiki.laptop.org/go/Feature_roadmap#Activation_lease_security

I'm not completely sure what you mean by "mesh" but if that refers to 
our Active Antenna (AA) I need to remind everyone that the AA is not a 
product right now, not supported and not available from OLPC. That may 
change in the future but right now its not being sold.

The bottom line is that wireless activation through an AP to the school 
server is a must have item for 9.1.0 which fits perfectly in the 
Deployability and Maintainability theme of the release.

Thanks,

Greg S

*****************

Date: Thu, 11 Dec 2008 11:18:47 -0200
From: "Martin Langhoff" <martin.langhoff at gmail.com>
Subject: Re: Wireless activation improvements.
To: "Michael Stone" <michael at laptop.org>
Cc: devel at lists.laptop.org, Kim Quirk <kim.quirk at gmail.com>,	Guadalupe
	Artigas <gartigas at plan.ceibal.edu.uy>
Message-ID:
	<46a038f90812110518n79891b87s5fbe6461f2e0a02a at mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1

On Wed, Dec 10, 2008 at 11:33 PM, Michael Stone <michael at laptop.org> wrote:
 > > Therefore: do we have any
 > > interest in developing such a feature?

Yes, we want this.

The main thing with 802.11abg is that we need to pick an essid using a
reasonably stable mechanism. A few months ago we discussed the topic
of selecting an essid (on techteam - no archive link, sorry). The
summary I have of that conversation is that we can hardcode an essid
prefix or suffix and assoc to the first open signal matching it:

  - Local deployments will probably want to use an ESSID that means
"school" in a local language. (Sidenote: is utf-8 usable in ESSID
strings? Sorting/collation rules to pick "the first" matching utf-8
ESSID are a potential headache.)

  - An alternative is to just hardcode 'SCHOOLSERVER'. The same signal,
however, will be usually be used to associate to the XS, so it's
better that it has a localised name for when users pick it from the
'Network view'.

  - Mitch offered to code up a chooser UI, but it was later agreed it
was overkill.

  - The ad-hoc IPv4 self-assignment done for mesh is ugly but ok. The
XS will talk to IPv4 addresses in that range over mesh or abg.

  - This assumes the signal will be unencrypted. Supporting encryption
so early in the game adds a lot of complexity - complex WiFi setups
can broadcast an unencrypted ESSID for activation services, and an
encrypted signal for the rest of their traffic.

  - If/when we get a stable Libertas HostAP driver, we can teach the XS
to run such a dual-signal configuration if desired.

  - One thing to keep in mind: no matter what technique we use to pick
the ESSID, someone with an AP set to the same ESSID and channel can
DoS us and make a bit of a mess. There aren't any usable workarounds.
OTOH, we can tell good data from bad as is signed.

cheers,


m
-- martin.langhoff at gmail.com martin at laptop.org -- School Server 
Architect - ask interesting questions - don't get distracted with shiny 
stuff - working code first - http://wiki.laptop.org/go/User:Martinlanghoff

More information about the Devel mailing list