[STDS-802-11-TGM] SSID protection
--- This message came from the IEEE 802.11 Task Group M Technical Reflector ---
There is a recently published paper that describes issues in how the
SSID is not authenticated in all cases and how that can be combined
with some upper layer actions, e.g., with VPN being disabled in a
trusted network, to expose a security vulnerability. Robust way of
mitigating this type of a vulnerability is likely to require a
protocol change.
Taken into account the recent publication of the paper (or well,
formally it is targeting a conference in about a week's time, but the
paper is publicly available now), I would like to discuss this in TGme
today, if we have time available in the agenda.
I posted this contribution that proposed a simple extension to allow
the SSID to be protected in 4-way handshake (which is one of the
options proposed in the paper for addressing the vulnerability):
https://mentor.ieee.org/802.11/dcn/24/11-24-0938-00-000m-protect-ssid-in-4-way-handshake.docx
I would appreciate review and comments on the document. If the TG is
willing, I might make a motion to approve this document (or an updated
version of it based on comments) during the TGme PM2 slot today.
- Jouni
_______________________________________________________________________________
IF YOU WISH to be Removed from this reflector, PLEASE DO NOT send your request to this
CLOSED reflector. We use this valuable tool to communicate on the issues at hand.
SELF SERVICE OPTION:
Point your Browser to - http://listserv.ieee.org/cgi-bin/wa?SUBED1=STDS-802-11-TGM and
then amend your subscription on the form provided. If you require removal from the reflector
press the LEAVE button.
Further information can be found at: http://www.ieee802.org/11/Email_Subscribe.html
_______________________________________________________________________________