A few questions i would like to throw out..
What causes a MSK to be created?. Is it at each and EVERY full 802.1X/EAP auth a new MSK key is created?
If you were to use PSK, then there is no MSK, correct ? Standard mentions, WHEN NOT USING:
When not using a PSK, the PMK is derived from the MSK. The PMK shall be computed as the first 256 bits (bits 0?255) of the MSK: PMK ?L(MSK, 0, 256). When this derivation is used, the MSK must consist of at least 256 bits.