Hi. I'm building a 802.11s solution where it is not acceptable to use a single SAE password on all mesh nodes. To handle this, my idea is to use SAE Password Identifiers and extend wpa_supplicant to support multiple sae_password:s, using the same syntax as for hostapd. Then, use a node unique password. During this development, I noticed this commit:
commit 6a673d0fb05557d149e4ff50430991979e476f2a Author: Jouni Malinen <jouni@xxxxxxxxxxxxxx> Date: Tue Jan 21 12:57:07 2020 +0200 tests: Remove mesh SAE Password Identifier test cases for now IEEE P802.11-REVmd was modified to require H2E to be used whenever Password Identifier is used with SAE. Since wpa_supplicant and mac80211 do not yet support SAE H2E in mesh, Password Identifier cannot be used in mesh cases. Remove the test cases that verified this behavior for now to allow H2E to be required per updated REVmd definition. These test cases will be restored once H2E is fully functionality in mesh cases.Any updates on this; when can one expect that wpa_supplicant and mac80211 supports SAE H2E in mesh? I have confirmed that it does not work with latest wpa_supplicant master on Linux 5.4, but perhaps it will if https://patchwork.kernel.org/project/linux-wireless/patch/20200731183830.18735-1-jouni@xxxxxxxxxxxxxx/ is applied?
Otherwise, I need to find some other solution. EAP-PWD looks interesting, but as I understand it, SAE is the only option for Mesh right now.
Best regards, Peter Åstrand
_______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap