An excellent new way of securing your wireless network, pioneered at RIPE and IETF meetings.

It involves using IPsec to secure the link between your computer and the wireless access point (WAP). To create the connection, your laptop sends a RSA public key along with its DHCP request, which the WAP puts in DNS, and then creates an IPsec tunnel between itself and the laptop, and vice versa.

Since the key is in the reverse DNS from the host, not only is your connection between the WAP and your laptop secured, but also between any host on the Internet which has its own keys in DNS and using a OE compatible IPsec implementation (only FreeS/WAN so far).

Having this tunnel means all traffic through it is encrypted, and thus, unsnoopable by anybody listening. Since the WAP also has tunnels open to (hopefully) all other attendees laptops, all traffic passing over the wavelan is secure from eavesdropping.