1 / 16

Proposed solutions to comments on section 7

Proposed solutions to comments on section 7. Minor comments. Doc 294 Rev 1 Minor comments and resolutions Bad use of “shall” Incorrect cut and paste Not always saying only use ESN functionality if ESN capable Define ID numbers Better diagrams Not clear encrypting only data frames

esben
Download Presentation

Proposed solutions to comments on section 7

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Proposed solutions to comments on section 7 Tim Moore, Microsoft

  2. Minor comments • Doc 294 Rev 1 • Minor comments and resolutions • Bad use of “shall” • Incorrect cut and paste • Not always saying only use ESN functionality if ESN capable • Define ID numbers • Better diagrams • Not clear encrypting only data frames • Description of usage of elements should be in section 5 not 7 • NULL security to 0.0.0.0 and move rest down • Motion for editor to accept the above changes Tim Moore, Microsoft

  3. Major comments • Unspecified authentication • Kerberos Optimization (ignore) • Which elements are in which messages • How Multicast Ciphers are negotiated • ESN without ULA • Mixed ESN and Legacy Tim Moore, Microsoft

  4. Unspecified authentication(1608) • Use of unspecified authentication to allow 802.1X to decide • WG discussed this before and there were deployments that it was useful for • Motion to reject comment Tim Moore, Microsoft

  5. Kerberos optimization (ignore) • Information elements are optional, all authentication methods must run without the information elements. • The elements defined are optimized for Kerberos Tim Moore, Microsoft

  6. Beacon(586,340,1343,1439,744,41,1521,1656,1390) • Motion passed last meeting • Client may optimize if supplied but if not can find out either via probe or associate/re-associate • ASE optional • UCSE optional • MCSE optional • Realm Name optional • Principal Name optional Tim Moore, Microsoft

  7. Probe Request • Client asks for what it wants to optimize, a STA that is not ESN capable does not supply the elements in the response • 802.11d Request Element containing • ASE, UCSE, MCSE, Realm Name or Principal Name element IDs Tim Moore, Microsoft

  8. Probe Response • If ESN capable must supply whatever elements were asked for in Probe Req Request Element • ASE optional • UCSE optional • MCSE optional • Realm Name optional • Principle Name optional Tim Moore, Microsoft

  9. Associate Request • ASE optional • Left to other STA if not supplied • UCSE optional • Left to other STA if not supplied • MCSE optional • Left to other STA if not supplied • Nonce optional • Authentication methods must be able to handle not having them, but optimize the auth protocol Tim Moore, Microsoft

  10. Associate Response • ASE optional • Must be supplied if defaults not correct and must be within request scope • UCSE optional • Must be supplied if defaults not correct and must be within request scope • MCSE optional • Must be supplied if defaults not correct and must be within request scope • Realm Name optional • Authentication methods must be able to handle not having them, but can be used to optimize the auth protocol • Principle Name optional • Authentication methods must be able to handle not having them, but can be used to optimize the auth protocol • Nonce optional • Authentication methods must be able to handle not having them, but can be used to optimize the auth protocol Tim Moore, Microsoft

  11. Re-associate Request • ASE optional • Left to other STA if not supplied • UCSE optional • Left to other STA if not supplied • MCSE optional • Left to other STA if not supplied Tim Moore, Microsoft

  12. Re-associate Response • ASE optional • Must be supplied if not defaults not correct and must be within request scope • UCSE optional • Must be supplied if not defaults not correct and must be within request scope • MCSE optional • Must be supplied if not defaults not correct and must be within request scope • Realm Name optional • Authentication methods must be able to handle not having them, but optimize the auth protocol • Principle Name optional • Authentication methods must be able to handle not having them, but optimize the auth protocol Tim Moore, Microsoft

  13. UCSE/MCSE(1159,746,1401,1742,1274,351,587,588) • Each STA/STA pair can negotiate a different UCS • The AP decides the MCS and forces all STAs to it (may be based on the first STA) • If MCSE is not specified in response defaults to AES not to UCSE • Motion to accept update document as above Tim Moore, Microsoft

  14. ESN without ULA(1463) • Should AES without ULA is allowed in ESN? • E.g. For IBSS • Motion to disallow AES without ULA and require to support ULA within IBSS Tim Moore, Microsoft

  15. Mixed ESN and Legacy(1744) • Mixed BSS of ESN and Legacy • We do not mandate all ESN • Motion to make recommended not mandatory Tim Moore, Microsoft

  16. Improved definition on usage of “privacy” bit (1833) • Usage of the Privacy Subfield in the Capability Information element is not specified for a STA operating in an ESS. • This has led to different interpretation which came apparent during early WECA discussions and was “fixed” in WiFi testing agreements • This could better be fixed in context of ESN. • Motion to ask for proposals on text for usage definition, consistent with ESN and with adopted WiFi behaviour. Tim Moore, Microsoft

More Related