On Fri, Mar 04, 2022 at 12:53:39AM +0200, Andrei Otcheretianski wrote: > On the 6GHz band the following is not allowed, so do not > allow association with an AP that advertises support for > these: > > - Pairwise or group cipher that include WEP/TKIP > - Support for WPA PSK AKMs > - Support for SAE AKM without H2E > > In addition do not allow association if the AP does not > advertise a matching RSN IE or does not declare that > it is MFP capable. I can understand the part about rejecting an AP if a mandatory security option is not available (RSN, SAE without H2E, or WEP/TKIP as the group cipher), but why would the station need to enforce protocol compliance for the AP for things like PSK AKMs or pairwise cipher suites that are enabled on top of the required features? That sounds more like protocol testing for AP than normal station functionality. -- Jouni Malinen PGP id EFC895FA _______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap
