On Fri, 2021-08-13 at 09:19 +0200, Johannes Berg wrote: > > > > 2) Should we at least check it again from the protected beacon or such > > > after association, so we don't blindly trust the probe response or > > > beacon (received during scan, not validated) at least when BIGTK is in > > > use? > > > > May we add support for BIGTK in future with another patch? > > We already have BIGTK support in mac80211, so if we don't do that now > we're almost certainly not going to do it, so I'd really prefer if you > did it here, or if a separate patch still did it now. Actually, I should say though - the question was more whether we even need/want that, rather than whether we can do it later or not. If we should protect this data/information then IMHO we should do it now, but it's not clear to me that we should, given that we also don't have encrypted association response and we still take information from there too, etc. johannes
