public icon indicating copy to clipboard operation
public copied to clipboard
verified publisher icon openconfig

(WIFI) Missing specific WPA3 opmodes leads to vendor ambiguity

Open jsnyder81 opened this issue 2 years ago • 2 comments

Currently the /access-points/access-point/ssids/ssid/config/opmode supports the following WPA3 modes:

WPA3_SAE: WPA3-SAE using Simultaneous Authentication of Equals (SAE).
WPA3_ENTERPRISE: WPA3-Enterprise with 802.1X SHA-256 authentication key management.
WPA3_ENTERPRISE_192_BIT WPA3-Enterprise with 802.1X SHA-384 authentication key management.

This leads to confusion as there are a number of transition modes, as well as additional WPA3_ENTERPRISE encryption modes. We've already experienced issues with vendors not implementing the same defaults when specifying these modes.

The proposal is to add the following modes in order to reduce ambiguity for the vendors when implementing these.

# Handles WPA3 to WPA2 transition
- WPA3_2_SAE_TRANSITION
- WPA3_2_ENTERPRISE_TRANSITION
- ENHANCED_OPEN_TRANSITION
# Introduces GCM_256 mode to eliminate confusion
- WPA3_ENTERPRISE_GCM_256 
# Update existing OPMode descriptions to be more explicit.

I'll be submitting the PR on this next week.

jsnyder81 avatar Jun 08 '23 16:06 jsnyder81

Forgot adding:

ENHANCED_OPEN_TRANSITION

jsnyder81 avatar Jun 08 '23 16:06 jsnyder81

Fixed by #895

dplore avatar Jul 18 '23 16:07 dplore

This issue is stale because it has been open 180 days with no activity. If you wish to keep this issue active, please remove the stale label or add a comment, otherwise will be closed in 14 days.

github-actions[bot] avatar May 11 '24 02:05 github-actions[bot]