Good session, but several questions were answered at the end that go beyond what's generally reported with Wi-Fi Protected Access (WPA).
I asked whether in a pre-shared secret situation with WPA, which is what most home and small business users who aren't running authentication servers will need to use, the master key used to create the encryption session could be used to unlock other users' encrypted packets. The answer is yes: that is, even though WPA provides robustness, unless you use 802.1x and an authentication server, the shared key allows the same (although perhaps involving more work) transparency of other network traffic.
WPA will be required after August 31 for Wi-Fi certification. Interestingly, even though EAP-TLS, one way of running 802.1x, isn't part of WPA, the test requires that a device passes two EAP-TLS tests -- so it's not part of the formal standard, but it is required!
With Microsoft developing 802.1x/xEAP clients, is there room for Meetinghouse (one of the presenters' companies) making other clients? Hard to compete against Microsoft, but room for clients for Mac, Unix, Linux, etc.