The "WPA 3 Specification Version 3.0" Document from Wi-Fi Alliance says: "A WPA3 STA shall perform server certificate validation when using EAP-TTLS, EAP-TLS, EAP-PEAPv0 or EAP-PEAPv1 EAP methods." So, at least these methods seem to be allowed by the specs. Nevertheless, iPhone fails after entering username/password (it's always a pain to connect iOS devices to enterprise networks), Windows 11 only offers Smartcard or EAP-TLS (had no luck with that so far, despite client certificate installed). Am Freitag, dem 19.05.2023 um 16:24 -0400 schrieb Alan DeKok: > On May 19, 2023, at 4:01 PM, rany <rany2@xxxxxxxxxx> wrote: > > > > It appears that, at least according to this Cisco help page: > > https://documentation.meraki.com/MR/Wi-Fi_Basics_and_Best_Practices/WPA3_Encryption_and_Configuration_Guide#WPA3_192-bit > > that only WPA3-EAP 192-bit has this restriction and I could confirm > > it from my own testing. > > The pages do say that. While I admit I haven't followed that in > detail, it's a bit surprising that WPA3-EAP requires a particular EAP > type and TLS ciphers. > > Alan DeKok. > > > _______________________________________________ > Hostap mailing list > Hostap@xxxxxxxxxxxxxxxxxxx > http://lists.infradead.org/mailman/listinfo/hostap -- -- Robert Senger _______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap
