From: Johannes Berg <johannes@sipsolutions.net>
To: Jouni Malinen <jkm@devicescape.com>
Cc: Dan Williams <dcbw@redhat.com>, netdev <netdev@vger.kernel.org>,
Jiri Benc <jbenc@suse.cz>,
"John W. Linville" <linville@tuxdriver.com>,
Larry Finger <Larry.Finger@lwfinger.net>,
Thomas Graf <tgraf@suug.ch>
Subject: Re: [RFC] cfg80211 and nl80211
Date: Fri, 06 Oct 2006 11:41:34 +0200 [thread overview]
Message-ID: <1160127694.2715.51.camel@ux156> (raw)
In-Reply-To: <20061005162006.GC17517@instant802.com>
Let me try to summarise this... probably wrong :)
> 1.5 KB sounds like a small scan result set to me.. I'm hitting 100+
> BSSes at work (well, not really your normal environment ;-), and 50 at
> home.. These go way beyond 1.5 KB; closer to 32 KB at times, I'd guess.
Ok this is easy, we need huge results and thus can't reasonably push
them out on each change... Maybe some sequence number thingie could be
used? I'd like to have a .dumpit call with genl to actually dump all the
scan results to userspace, maybe that message could be multicast to
interested stations if someone requests one? No idea... Thomas?
As for the auth/crypto/key mgmt issue... It looks like these three are
basically orthogonal. If I understand correctly, you need to be able to
* set a key including algorithm for the possible
- key indexes 0,1,2,3
- a STA identified by MAC address
(and the key is identified by these uniquely)
This includes
- algorithm (none to clear, wep, tkip, ccmp, ...)
- key material
- TSC/SN (only valid for some algorithms)
(key material length is used to decide between wep types, and some
attributes may be left off, e.g. to change the tsc/sn without
changing the key material or algorithm)
* set transmit key index (STA only?)
* set multicast/broadcast key index
* dot11ExcludeUnecrypted (default true)
* authentication mode, including
- allowed algorithms (open, shared-key, ...)
- key index of key to use
- preference of use? That would make the allowed algorithms a list
instead of a bitfield
* set IE(s) (only some cards)
* set allowed cipher suites for RSN/WPA IE generation (only some cards)
[do we need to be able to distinguish between these or is it fine to
just try both and get an error for one?]
* a way to get the device's capabilities (per-net_device)
- crypto algorithms
- auth algorithms
- ...?
Does that sound right? (throw in get versions for most of these, of
course)
Open issues:
* associating a key index with a mac address for unicast wep key?
Hmm. That's at least 8 operations that WE sticks into 3. No wonder no
one understands it...
johannes
next prev parent reply other threads:[~2006-10-06 9:40 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-09-28 9:23 [RFC] cfg80211 and nl80211 Johannes Berg
2006-09-29 21:10 ` James Ketrenos
2006-09-30 3:00 ` Michael Wu
2006-10-02 9:08 ` Johannes Berg
2006-09-30 3:14 ` Michael Wu
2006-10-02 16:15 ` Dan Williams
2006-10-02 17:01 ` Dan Williams
2006-10-04 7:41 ` Johannes Berg
2006-10-04 14:19 ` Johannes Berg
2006-10-04 17:57 ` Dan Williams
2006-10-05 7:59 ` Johannes Berg
2006-10-05 13:13 ` Stuffed Crust
2006-10-05 15:46 ` Jouni Malinen
2006-10-05 16:20 ` Jouni Malinen
2006-10-06 9:41 ` Johannes Berg [this message]
2006-10-05 7:47 ` Johannes Berg
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1160127694.2715.51.camel@ux156 \
--to=johannes@sipsolutions.net \
--cc=Larry.Finger@lwfinger.net \
--cc=dcbw@redhat.com \
--cc=jbenc@suse.cz \
--cc=jkm@devicescape.com \
--cc=linville@tuxdriver.com \
--cc=netdev@vger.kernel.org \
--cc=tgraf@suug.ch \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).