802.11w and 128/256 bit SHA.

Jouni Malinen j at w1.fi
Thu Nov 13 04:49:38 EST 2014


On Mon, Nov 10, 2014 at 01:34:53PM -0800, Ben Greear wrote:
> I have been trying to understand 802.11w a bit better, and I
> have a question:
> 
> Should we always disable the non-SHA256 versions of key management
> if we are trying to require ieee80211w?

While the standard does not require this, there is not really much of a
point in enabling the old AKMs if ieee80211w=2 is used, so yes, I would
only include the SHA256-based version in that configuration (and both
SHA-1 and SHA256 with ieee80211w=1).
 
-- 
Jouni Malinen                                            PGP id EFC895FA


More information about the HostAP mailing list