Am 04.10.2016 um 23:57 schrieb M. Braun: >> * pass both for IBSS mode (I think) > > two more aspects for IBSS > > 1. the PSK is shared by all stations, so a passive attacker on any > authenticated station in range will be able to derive it, right? > 2. iff at all the source mac might be used for access control so > a TA==SA A-AMSDU filter might still be reasonable. under the assumption that every station can only know about the keys it is supposed to know, checking for da is multicast if ra is multicast is needed as well so that the source address cannot be spoofed using GTK. I'll send an updated version. Michael