pmkid in association request
paresh.sawant at gmail.com
Fri Dec 26 23:49:07 EST 2008
my goal is to simulate the roaming environment. So I'm just changing the
ssid name and not turning off the power.
But I guess as you pointed out, even the change of ssid may be flushing the
Any better ideas to simulate roaming?
On Sat, Dec 27, 2008 at 12:03 AM, Jouni Malinen <j at w1.fi> wrote:
> On Tue, Dec 23, 2008 at 02:09:58PM +0530, Paresh Sawant wrote:
> > 2.2>I start AP2(ssid = "linksis-wpa2-ttls"), and after AP2 is up and
> > running, I stop AP1. wpa_supp receives "media connect" for AP2, and it
> > performs RSNA with AP2 successfully.
> > 2.3> I start AP1 again (without any change in configuration), and after
> > is up and running, I stop AP2. wpa_supp receives "media connect" for AP1,
> > and it performs RSNA with AP1 successfully.
> > Conclusion: I see an issue in <2.3>, since AP1 does not honor the pmkid
> > association request, it performs the full EAP again. Since wpa_supp sends
> > correct PMKID in association, I was expecting AP1 to directly jump to
> > but it does not happen that way.
> How exactly did you "stop AP1"? If you just power cycled it, the PMKSA
> cache was cleared and the AP won't recognize the PMKID anymore. This is
> expected behavior. PMKs are unlikely to be cached in non-volatile
> memory (and really shouldn't be from security view point).
> Jouni Malinen PGP id EFC895FA
> HostAP mailing list
> HostAP at lists.shmoo.com
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the HostAP