Hi, Jouni > Could you please describe what exactly you mean with "current secured > mesh requires the AES CMAC to be enabled" and what is that claim based > on? I am based on the authsae source code for secured mesh setup which can be found at: https://github.com/cozybit/authsae/blob/master/linux/meshd-nl80211.c There are total 5 keys for secured mesh: /* key to protect integrity of multicast mgmt frames tx*/ install_key(nlcfg, NULL, CIPHER_AES_CMAC, NL80211_KEYTYPE_GROUP, 4, mgtk_tx); /* key to encrypt multicast data traffic */ install_key(nlcfg, NULL, CIPHER_CCMP, NL80211_KEYTYPE_GROUP, 0, mgtk_tx); /* key to encrypt/decrypt unicast data AND mgmt traffic to/from this peer */ install_key(&nlcfg, peer, CIPHER_CCMP, NL80211_KEYTYPE_PAIRWISE, 0, mtk); /* key to decrypt multicast data traffic from this peer */ install_key(&nlcfg, peer, CIPHER_CCMP, NL80211_KEYTYPE_GROUP, 0, peer_mgtk); /* to check integrity of multicast mgmt frames from this peer */ install_key(&nlcfg, peer, CIPHER_AES_CMAC, NL80211_KEYTYPE_GROUP, 4, peer_mgtk); > Any pointers to the specific standard clause(s) that say that? I have not gone through the standard on this. ----- Chun-Yeow -- To unsubscribe from this list: send the line "unsubscribe linux-wireless" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
