On Sat, Jan 06, 2007 at 08:14:46PM +0200, Manolis Tzanidakis wrote: > Hello all and happy new year, > in the 3.9 -> 4.0 changelog (http://www.openbsd.org/plus40.html) I saw > this interesting entry: > > Implement the Michael MIC as defined in IEEE 802.11i for TKIP. This > generates a weak 64-bit digest protected by an additional key - > required for future IEEE 802.11i/WPA support. > > Has there been any progress on WPA/WPA2 support yet ? >
yes, very very minimal progress. i implemented tkip during 23c3 and we have some pending diffs... but this will take some more time because it requires intrusive changes in the drivers and the net80211 framework. so far, nothing is commited yet. and again, we do not like to import the free/netbsd wpa/wpa2 kernel implementation. somebody wants to sponsor the development ;)? > P.S.: I know that an IPSEC/OpenVPN-based solution is way more secure > than WPA, so please don't bother trolling about it. > please...... ipsec != openvpn. wpa is important for basic network access in unfriendly enviroments like universities or corporate wireless networks. i can see the point now, so your request is totally ok. but i do like to troll about mentioning ipsec and openvpn in one word... argh... ;-). reyk
