Re: WPA and CCMP

On Tue, 2006-01-10 at 00:08 +0000, James Ettle wrote:
> I've been playing around with CCMP (AES). I've found that if I first
> associate with TKIP, and
> then /system/networking/wireless/networks/<ssid>/we_cipher to 8 in
> gconf, NetworkManager then tells wpa_supplicant to use CCMP. It then
> goes on to authenticate and pick up an IP address. Although
> NetworkManager identifies the AP as CCMP capable, it doesn't seem to
> forward this to nm-applet.

Right, it doesn't support WPA2 (also known as WPA Enterprise) quite yet.
CCMP is the defined encryption protocol for WPA2.  There wouldn't be
that much work needed to make WPA2 work correctly, but I was
intentionally keeping the scope of the WPA stuff as small as possible
for the moment.  Meaning, just WPA + TKIP.  Hopefully WPA2 will be along

> [I also have to hack the timeout 120s, as for some reason my setup seems
> very slow at associating... don't know whether that's ipw2200,
> wpa_supplicant or the USR, though.]

Odd, though I'd expect a WPA2 association to take longer on some levels,
given that there are so many more steps.  When 802.1x and RADIUS get in
the picture, the authentication is actually 2 hops away from the client,
which means more time.  So we may need to have different timeouts for
different AP setups.  But we can detect that.

Thanks for the report,


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]