Forum

  • Wait, I just re-read the original question. I thought the PMKID is only carried in a Reassociation Request, not an Association Request. Reason being that since an Association is the STA's first connection, there is no need to carry a PMKID that would identify a cached PMKSA.

  • 802.11-2004 amendment
    8.4.1.1.1 PMKSA
    When the PMKSA is the result of a successful IEEE 802.1X authentication, it is derived from the EAP
    authentication and authorization parameters provided by the AS. This security association is bidirectional. In
    other words, both parties use the information in the security association for both sending and receiving. The
    PMKSA is created by the Supplicant?¡é?€??s SME when the EAP authentication completes successfully or the
    PSK is configured. The PMKSA is created by the Authenticator?¡é?€??s SME when the PMK is created from the
    keying information transferred from the AS or the PSK is configured. The PMKSA is used to create the
    PTKSA. PMKSAs are cached for up to their lifetimes. The PMKSA consists of the following elements:
    ?¡é?€?¡± PMKID, as defined in 8.5.1.2. The PMKID identifies the security association.
    ?¡é?€?¡± Authenticator MAC address.
    ?¡é?€?¡± PMK.
    ?¡é?€?¡± Lifetime, as defined in 8.5.1.2.
    ?¡é?€?¡± AKMP.
    ?¡é?€?¡± All authorization parameters specified by the AS or local configuration. This can include parameters
    such as the STA?¡é?€??s authorized SSID.

  • By (Deleted User)

    Hii Everybody..

    This Topic is quite interesting and confusing too.Can u plz tell me ,do I need to study framing details for different EAP methods , I mean which field contains which parameters and when, for CWAP .

    Also plz tell me from where I can get details of changes in 802.11 frames for QOS.

    With Thanx
    Vinay

Page 2 of 2