(WIFI) Missing specific WPA3 opmodes leads to vendor ambiguity
jsnyder81 opened this issue · 3 comments
jsnyder81 commented
Currently the /access-points/access-point/ssids/ssid/config/opmode
supports the following WPA3 modes:
WPA3_SAE: WPA3-SAE using Simultaneous Authentication of Equals (SAE).
WPA3_ENTERPRISE: WPA3-Enterprise with 802.1X SHA-256 authentication key management.
WPA3_ENTERPRISE_192_BIT WPA3-Enterprise with 802.1X SHA-384 authentication key management.
This leads to confusion as there are a number of transition modes, as well as additional WPA3_ENTERPRISE encryption modes.
We've already experienced issues with vendors not implementing the same defaults when specifying these modes.
The proposal is to add the following modes in order to reduce ambiguity for the vendors when implementing these.
# Handles WPA3 to WPA2 transition
- WPA3_2_SAE_TRANSITION
- WPA3_2_ENTERPRISE_TRANSITION
- ENHANCED_OPEN_TRANSITION
# Introduces GCM_256 mode to eliminate confusion
- WPA3_ENTERPRISE_GCM_256
# Update existing OPMode descriptions to be more explicit.
I'll be submitting the PR on this next week.
jsnyder81 commented
Forgot adding:
ENHANCED_OPEN_TRANSITION