From: Johannes Berg <johannes@sipsolutions.net>
To: Matthias May <matthias.may@neratec.com>,
Emmanuel Grumbach <egrumbach@gmail.com>,
voncken <cedric.voncken@acksys.fr>
Cc: linux-wireless <linux-wireless@vger.kernel.org>
Subject: Re: Mac80211 : Wpa rekeying issue
Date: Thu, 07 Jan 2016 22:06:28 +0100 [thread overview]
Message-ID: <1452200788.3141.22.camel@sipsolutions.net> (raw)
In-Reply-To: <568CD9D1.6080001@neratec.com>
On Wed, 2016-01-06 at 10:09 +0100, Matthias May wrote:
>
> afaik it solves the issue that when a STA roames from AP1 to AP2, and
> key material is installed at different times.
> We observed encrypted frames which had a wrong CCMP counter. If the
> STA
> updates it's counter with these frames then depending on the wrong
> CCMP
> value received, up to a few hundred frames were dropped.
I don't really see how it has any effect there either, since in that
case the old key material should be deleted long before the new one is
installed, so the cross-over that causes the PN update problem with
rekeying can't happen?
> Not exactly the same as rekeying but the effect are pretty similar.
Ignoring the discussion about the effect of the patch in roaming, the
patch really can't do anything for rekeying since the station never
goes back to !authorized in that case, so it can't really be relevant
for this thread.
johannes
next prev parent reply other threads:[~2016-01-07 21:06 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-12-29 13:01 Mac80211 : Wpa rekeying issue Cedric VONCKEN
2015-12-29 14:19 ` Emmanuel Grumbach
2015-12-29 15:23 ` voncken
2015-12-31 8:12 ` voncken
2015-12-31 8:41 ` Emmanuel Grumbach
2015-12-31 10:15 ` voncken
2015-12-31 15:25 ` Ben Greear
2016-01-05 9:19 ` Johannes Berg
2016-01-05 9:47 ` Matthias May
2016-01-05 9:58 ` Johannes Berg
2016-01-05 10:54 ` Matthias May
2016-01-05 15:50 ` Johannes Berg
2016-01-06 9:09 ` Matthias May
2016-01-07 21:06 ` Johannes Berg [this message]
2016-01-07 21:15 ` Johannes Berg
2016-01-12 11:38 ` Emmanuel Grumbach
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1452200788.3141.22.camel@sipsolutions.net \
--to=johannes@sipsolutions.net \
--cc=cedric.voncken@acksys.fr \
--cc=egrumbach@gmail.com \
--cc=linux-wireless@vger.kernel.org \
--cc=matthias.may@neratec.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).