Forum

Can anyone explain to me what the privacy bit is really used for? Section 7.3.1.4 of the standard says that APs set the bit to 1 if WEP encryption is required and 0 if WEP is not required. Likewise STAs set it to 1 or 0 in an IBSS depending on whether WEP is required or not. Presumably, if there's a mismatch then the stations would not be allowed to complete association. However, what I don't understand is if this bit is required when non-WEP encryption is used such as TKIP or CCMP.

A few months ago I worked on a project for a client at work where they were deploying a bunch of Cisco 4404 controllers with thin APs. They were using Motorola handheld scanners with Samsung-made CF radios to associate to these APs. Initially they ran into a problem with scanners not being able to associate. Cisco was onsite with a protocol analyzer and we found out that the handheld devices were not setting the privacy bit. Even though they were configured for WPA-PSK (TKIP), apparently Cisco's controllers were checking the privacy bit and thus not allowing the handhelds to associate. The client argued that these very same handheld devices worked fine with a Symbol switch. Apparently Symbol is not checking for the privacy bit so in light of the situation and with some politics involved, Cisco released a patch for the controllers to ignore the privacy bit. Their reasoning behind it was that "if Symbol ignores it, then so can we". I am not sure if Cisco integrated this patch into their production code or not, but that was the outcome at the time.

Just wondering if anyone else has any practical experience with this or can explain it from a standards perspective to me.