unres

Rogue Aps. Users cannot control which AP they associate with. Rogue AP means rogue DHCP and/or rogue SSL.
Trusted third party. Users have to make some leap of faith at some point, unless they pre-arrange something (DNSSEC is not deployed yet, CAs are too trivial to inject or falsify)
With IPsec, at least if you do switch later on, you only send the rogue AP crypted garbadge.

Rogue Aps. Users cannot control which AP they associate with. Rogue AP means rogue DHCP and/or rogue SSL.