On Wed, 2019-04-24 at 22:58 +0200, Alexander Wetzel wrote: > > > Now I wonder - shouldn't the same A-MPDU issue apply here? After all, if > > you replace the PTK 0 surely you shouldn't use different ones for the > > same frame in an A-MPDU? > > Not from what I found in IEEE 802.11. It's only forbidden to mix keyIDs, > not MPDUs using different keys. And without Extended Key ID the keyID > can only be zero. So from a standard point of view we are ok, no keyID > mixing possible. Yeah, well, the standard probably didn't consider this. From an implementation POV, having two subframes with different keys will not really be possible, *especially* if they have the same key ID. I think this basically was not considered in spec writing. > From a practical point of view cards like mvm cards will for sure > corrupt MPDUs aggregated in a A-MPDU when different key were used for > them. But we still don't care:-) > > We'll corrupt the MPDU's encoded with either the old or the new key > anyhow and we don't care which ones. After all the card will only have > one key active for key ID 0 at any time won't have the second key > installed at all. Yeah, ok, fair point. johannes
