More detailed documentation on ieee80211w configuration parameter

Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2019-12-23 10:48:09 +02:00
parent 1730a6a5ef
commit efaa6256e2
2 changed files with 8 additions and 1 deletions

View file

@ -1659,6 +1659,12 @@ own_ip_addr=127.0.0.1
# 1 = optional # 1 = optional
# 2 = required # 2 = required
#ieee80211w=0 #ieee80211w=0
# The most common configuration options for this based on the PMF (protected
# management frames) certification program are:
# PMF enabled: ieee80211w=1 and wpa_key_mgmt=WPA-EAP WPA-EAP-SHA256
# PMF required: ieee80211w=2 and wpa_key_mgmt=WPA-EAP-SHA256
# (and similarly for WPA-PSK and WPA-PSK-SHA256 if WPA2-Personal is used)
# WPA3-Personal-only mode: ieee80211w=2 and wpa_key_mgmt=SAE
# Group management cipher suite # Group management cipher suite
# Default: AES-128-CMAC (BIP) # Default: AES-128-CMAC (BIP)

View file

@ -955,7 +955,8 @@ fast_reauth=1
# management frames) certification program are: # management frames) certification program are:
# PMF enabled: ieee80211w=1 and key_mgmt=WPA-EAP WPA-EAP-SHA256 # PMF enabled: ieee80211w=1 and key_mgmt=WPA-EAP WPA-EAP-SHA256
# PMF required: ieee80211w=2 and key_mgmt=WPA-EAP-SHA256 # PMF required: ieee80211w=2 and key_mgmt=WPA-EAP-SHA256
# (and similarly for WPA-PSK and WPA-WPSK-SHA256 if WPA2-Personal is used) # (and similarly for WPA-PSK and WPA-PSK-SHA256 if WPA2-Personal is used)
# WPA3-Personal-only mode: ieee80211w=2 and key_mgmt=SAE
# #
# ocv: whether operating channel validation is enabled # ocv: whether operating channel validation is enabled
# This is a countermeasure against multi-channel man-in-the-middle attacks. # This is a countermeasure against multi-channel man-in-the-middle attacks.