<div dir="ltr"><div><div><div><div><div><div><div><div>Hello Jouni,<br><br></div>As per my understanding if all the connected P2P clients have same key. We can disconnect one of the clients in two ways :<br><br></div>1. We can initiate the disconnection from client side.<br>
</div>2. We can initiate the disconnection from GO side.<br><br></div>As you said all the clients have same key. So if we disconnect the client in any of the above mentioned two ways, does it make any difference?<br></div>
Even if we disconnect the client by initiating the disconnection from client side, this disconnected client can again connect to the previously connected Group because it knows the key.<br><br></div>My next question is , if all the clients have same PSK key, so whenever a packet is transferred from AP to one of the client, how this packet is secured from other clients , as all the clients have same PSK key and so they can also decrypt this packet?<br>
<br></div>Thank you,<br></div>Nishant Sharma<br></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Sun, Nov 11, 2012 at 7:49 PM, Jouni Malinen <span dir="ltr"><<a href="mailto:j@w1.fi" target="_blank">j@w1.fi</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="im">On Tue, Nov 06, 2012 at 12:50:50PM +0530, Nishant Sharma wrote:<br>
> As per my understanding currently, same PSK is being shared<br>
> for all the clients of the same GO. Your suggestion is to have one PSK per<br>
> client. But my requirement is to disconnect a particular client form GO.<br>
> Can I achieve this from following steps:<br>
> 1. Adding a new command for client disconnect in interface.<br>
> 2. this disconnect command will send a disassociation frame to that client.<br>
> 3. Remove client from peer list and clean up all the client resources from<br>
> supplicant of GO.<br>
<br>
</div>That will not prevent the disconnected peer from connecting again since<br>
it knows the PSK. Per-device PSK needs to be used to allow this<br>
operation to be done securely.<br>
<div class="HOEnZb"><div class="h5"><br>
--<br>
Jouni Malinen PGP id EFC895FA<br>
_______________________________________________<br>
HostAP mailing list<br>
<a href="mailto:HostAP@lists.shmoo.com">HostAP@lists.shmoo.com</a><br>
<a href="http://lists.shmoo.com/mailman/listinfo/hostap" target="_blank">http://lists.shmoo.com/mailman/listinfo/hostap</a><br>
</div></div></blockquote></div><br><br clear="all"><br>-- <br>Thanks and Regards<br>Nishant Sharma<br>
</div>