On Tue, 2018-05-15 at 12:22 +0200, Alexander Wetzel wrote: > > Both issues can be prevented by first replacing the key in the HW and > makeing sure no aggregation sessions are running during the rekey. I don't think you can do this - just tear down all aggregation sessions - there are APs out there that will not re-establish them if you tear them down, or only attempt a given number of times, etc. This will cause interoperability problems. OTOH, arguably we have worse interoperability problems today, and anyone who configures PTK rekeying is deluded that it'll work properly, so maybe that's not _that_ bad. Hmm. johannes