All,
Ok, ok, ok.
I mentioned before that I'm sure there's folk that won't agree with me. I simply choose not to hop around all the layers of the Internet model when assembling a cohesive understanding of the rule; and I don't think a non-technical radio amateur would be expected to bounce around the OSI/DARPA model to gather an understanding either.
Fair enough that it would be ideal to have another form of encryption, but I agree with NQ1E when he says that only IPSec(AH) makes Layer 1 and 2 remain readable. A unified captive portal authentication is also another option (Layer 7 authentication); but under some points-of-view, the portal could not be SSL. My suggestion of SSL was not to solve an access issue, I simply said I don't agree with the common point-of-view that it's prohibited outright. To prove that point, I use a Layer-1-first method to interpret the rule, just as is done for all other modes (e.g. in voice over FM, layer 1 is the FM carrier and the voice is layer 2, neither of the first 2 layers can be obscured).
Once again, I simply choose not to bounce around the OSI/DARPA model to gain an understanding, so I stick to Layer 1 first. The fact remains, at some point, if security is implemented, the traffic is obscured. Part 97 plainly read would led one to at least begin building their security implementation starting with Layer 1 unencrypted and Layer 2 should not be obscured (i.e. the 802.11 frame and the 802.3 frame).
-KB3VWG