Search Linux Wireless

Re: [PATCH] mac80211: Encrypt "Group addressed privacy" action frames

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, Jun 20, 2016 at 09:51:28AM +0900, Masashi Honma wrote:
> On 2016年06月18日 18:11, Jouni Malinen wrote:
> Yes. This patch breaks backward compatibility.
> I do not have smart idea to avoid also.
> I will create new define like this.
> CONFIG_MAC80211_MESH_GROUP_ADDRESSED_PRIVACY

Do we really want that? Group addressed privacy is what the standard
requires to be used with mesh and if we make it build time configurable,
we'll just end up with two different implementation that will never
interoperate with each other.. I don't really see any better option for
this apart from fixing this and requiring all STAs in a secure mesh to
be updated in synchronized manner. This way it will be a one time issue,
but that won't be there forever.

If something is needed to for temporary backwards compatibility support,
that should be something that can be enabled at runtime (and be disabled
by default). That said, I'm not sure I'd go with that extra complexity
taken into account how badly (i.e., completely incorrectly) the PMF case
was implemented in wpa_supplicant. I'm not planning on adding any
backwards compatibility mode there for due to the previous behavior not
really being good from security view point either (using the same key
with two different algorithms).
 
-- 
Jouni Malinen                                            PGP id EFC895FA
--
To unsubscribe from this list: send the line "unsubscribe linux-wireless" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html



[Index of Archives]     [Linux Host AP]     [ATH6KL]     [Linux Wireless Personal Area Network]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [Linux Kernel]     [IDE]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite Hiking]     [MIPS Linux]     [ARM Linux]     [Linux RAID]

  Powered by Linux