Re: Last call comments for capwap-protocol-binding-ieee80211-07
From: Pat Calhoun (pacalhou) (pcalhouncisco.com)
Date: Tue, 19 Aug 2008 18:53:26 -0700 (PDT)
> > > > <current text>
> > > > 2.2.1.  Split MAC
> > > > [...]
> > > > 
> > > >    o  The WTP generates the IEEE 802.11 Beacon frames, using
> > > >       information provided to it through the IEEE 802.11 Add WLAN
> > > >       (see Section 6.1) message element, including the RSNIE, which
> > > >       indicates support of 802.1X and AES-CCMP.
> > > > </current text>
> > > 
> > > Yes, but the spec isn't very clear on how the RSN IE exactly is
> > > processed by the WTP (the IE has a number of different fields).
> > 
> > The WTP does not need to perform any processing of the RSN IE. The IE
> > is included in the Beacon and Probe Responses as-is by the WTP. Any
> > cryptographic policies are sent by the AC either through the Add
> > Station or the Session Key message elements.
> 
> By "processing", I meant the WTP has to parse the contents of the RSN
> IE, find some field(s) inside it, and use those value(s) for something.
> Both Sections 6.1 and 6.15 say the WTP does this; I'd like to see more
> details for "some field(s)" and "something".
>
> (Presumably, other IEs are just stored and copied to Beacons and Probe
> Responses -- the WTP doesn't need to parse them. Is this correct?).

I think you are asking two separate questions. In terms of what
processing needs to happen when the WLAN is created, which requires that
many IEs are sent, including RSN, the answer is none. The WTP only
includes them in the Beacons and Probe Responses.

> > So in order to provide more clarity, I propose adding the first 
> > sentence in the last paragraph of the following text:
> > 
> > <modified text>
> > 6.1.  IEEE 802.11 Add WLAN
> > [...]
> >    Power Constraint information element
> > 
> >    EDCA Parameter Set information element
> > 
> >    QoS Capability information element
> > 
> >    WPA information element  [WPA]
> > 
> >    RSN information element
> > 
> >    WMM information element  [WMM]
> > 
> >    These IEEE 802.11 information elements are stored by the WTP and
> >    included in any Probe Responses and Beacons generated, as specified
> >    in the IEEE 802.11 standard [IEEE.802-11.2007].  If present, the RSN
> >    information element is sent with the IEEE 802.11 Add WLAN message
> >    element to instruct the WTP on the usage of the Key field.
> > </modified text>
> 
> As I wrote above, I don't think "instruct" is enough here, or in
> Section 6.15. Which fields are used, and how?
>
> (As an example of ambiguity, the RSN IE can list multiple pairwise
> cipher suites. If both TKIP and CCMP are listed in the RSN IE, what does
> the WTP do? The IEEE 802.11 Station Session Key message element could --
> and perhaps should -- contain a "Cipher Suite" field, but currently, it
> doesn't.)

OK, now in terms of Section 6.15, there is some processing required.
Sorry, I thought you were talking about the beacons/probes, not this
section. In the IEEE standard, the AP can advertise multiple cipher
suites in the Beacon and Probe Responses, but it confirms the cipher to
use in message three of the 4-Way Key Handshake. So I have modified the
text in section 6.15 to be specific about the cipher and AKM fields. So
the new text reads:

<new text>
6.15.  IEEE 802.11 Station Session Key
[...]

   The RSN information element MUST be sent along with the IEEE 802.11
   Station Session Key in order to instruct the WTP on the usage of the
   Key field.  The WTP MUST observe the AKM field of the RSN information
   element in order to identify the authentication protocol to be
   enforced with the station.

   If cryptographic services are provided at the WTP, the WTP MUST
   observe the algorithm dictated in the Pairwise Cipher Suite field of
   the RSN information element sent by the AC.  The RSN Information
   Element included here is the one sent by the AC in the third message
   of the 4-Way Key Handshake, which specifies which cipher is to be
   applied to provide encryption and decryption services with the
   station.  The RSN Information Element is used to communicate any
   supported algorithm, including WEP, TKIP and AES-CCMP.  In the case
   of static WEP keys, the RSN Information Element is still used to
   indicate the cryptographic algorithm even though no key exchange
   occurred.

</new text>

Does this address your comment?

PatC
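
Added example (not part of the original message or of the CAPWAP draft): a minimal parser for the RSN information element that pulls out the Pairwise Cipher Suite and AKM fields the proposed Section 6.15 text tells the WTP to observe. Rejecting an IE that lists more than one pairwise or AKM suite is an assumption made for this example, as are the function names and the constructed sample IEs.

```python
import struct

RSN_EID = 48                    # RSN information element ID
OUI = b"\x00\x0f\xac"           # IEEE 802.11 suite selector OUI
CIPHERS = {1: "WEP-40", 2: "TKIP", 4: "CCMP", 5: "WEP-104"}
AKMS = {1: "802.1X", 2: "PSK"}

def _suites(buf, off, names):
    """Read a 2-byte little-endian count followed by 4-byte suite selectors."""
    if off + 2 > len(buf):
        raise ValueError("truncated suite count")
    (count,) = struct.unpack_from("<H", buf, off)
    off += 2
    if count == 0 or off + 4 * count > len(buf):
        raise ValueError("bad suite count")
    out = []
    for i in range(count):
        sel = buf[off + 4 * i: off + 4 * i + 4]
        if sel[:3] != OUI or sel[3] not in names:
            raise ValueError("unknown suite selector " + sel.hex())
        out.append(names[sel[3]])
    return out, off + 4 * count

def session_key_policy(ie):
    """Return (pairwise cipher, AKM); raise unless the IE names exactly one of each."""
    if len(ie) < 2 or ie[0] != RSN_EID or ie[1] != len(ie) - 2:
        raise ValueError("not a well-formed RSN IE")
    body = ie[2:]
    if len(body) < 6 or struct.unpack_from("<H", body, 0)[0] != 1:
        raise ValueError("unsupported RSN version")
    pairwise, off = _suites(body, 6, CIPHERS)  # skip version (2) + group suite (4)
    akm, _ = _suites(body, off, AKMS)
    if len(pairwise) != 1 or len(akm) != 1:    # assumption: ambiguity is an error
        raise ValueError("ambiguous: pairwise=%s akm=%s" % (pairwise, akm))
    return pairwise[0], akm[0]

def build_ie(group, pairwise, akms):
    """Hypothetical helper that builds constructed sample IEs for this example."""
    sel = lambda t: OUI + bytes([t])
    body = struct.pack("<H", 1) + sel(group)
    body += struct.pack("<H", len(pairwise)) + b"".join(map(sel, pairwise))
    body += struct.pack("<H", len(akms)) + b"".join(map(sel, akms))
    body += b"\x00\x00"                        # RSN Capabilities
    return bytes([RSN_EID, len(body)]) + body

BEACON_IE = build_ie(2, [2, 4], [1])  # constructed: lists both TKIP and CCMP
MSG3_IE = build_ie(2, [4], [1])       # constructed: a single pairwise cipher
```
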
