Hi Mike,
Thanks for the comment during the call and initiating the mail thread in reflector. (Sorry for my delay response)
I appreciate you provide a simple direction for MAPC protection with some high level guidance. I totally agree what you said, we should define or reuse something like current mesh protocol.
I propose to reuse PASN because the authentication, PTK generation, and the proposed GTK exchange can be done within 3 authentication frames exchange( after KEK in PASN enabled), while the current authentication and AMPE in mesh protocol belongs two separated
procedures, and the later one may cause some overhead issue compared with PASN . Anyway, we could discuss more on this point.
And I plan to run the following SP if other members also support this direction:
Do you agree to define light mesh STA for MAPC with the following functionalities and features:
1) Dedicating for M-AP discovery, M-AP authentication(including PTK generation and GTK exchange).
2) Collocating with the AP(s) that intends to participate MAPC scheme
3) Not allowed to set up association with another light mesh STAs .
Note1: It's TBD to reuse or modify the AMPE or PASN protocol.
Note2: Other functionalities are TBD .
Welcome the further comments on this.
Thanks
Best Regards
Jay Yang (杨志杰)
Original
Subject: [STDS-802-11-TGBN] Your PPT on MAP protection
Hi Jay,
I really appreciate you bringing up this MAP protection issue.
The reason why I brought up Mesh for protecting MAP coordination was because:
a) mesh peering is fairly lightweight
b) broadcast among peers is already addressed
c) Mesh already handles multiple authentication and is agnostic to the authetnication type.
d) Mesh handles many to many peer connections.
e) I think you need some basic state information between peer APs to use MAP.
I'm not suggesting we establish a mesh network with all the features, just borrow the parts that we need.
To unsubscribe from the STDS-802-11-TGBN list, click the following link:
https://listserv.ieee.org/cgi-bin/wa?SUBED1=STDS-802-11-TGBN&A=1