Whilst studying for CWSP I was struggling to reconcile the definition of the Authentication Key Management (AKM) Suite selector field that is contained with the RSN IE. In the CWSP-206 study guide on page 200 it is described as being either 01 (802.1X) or 02 (PSK). However, when I looked inside a packet capture in Wireshark (and also in WinFi) I could only see a decode of WPA for 802.1X networks.
Time to check the standard. On page 886 of the 80211-2016 standard there is the following table:
So the value is being correctly set in the RSN IE to 01.
For a PSK network the suite type was set to 02 and decoded as PSK which matches the standard.
So what is the take away from this, well it just appears that Wireshark is decoding the suite type of 1 correctly but giving it a confusing name of WPA to mean 802.1X.
No comments:
Post a Comment