pmkid in association request

Paresh Sawant paresh.sawant
Fri Dec 26 20:49:07 PST 2008

my goal is to simulate the roaming environment. So I'm just changing the
ssid name and not turning off the power.

But I guess as you pointed out, even the change of ssid may be flushing the
pmksa cache.

Any better ideas to simulate roaming?

On Sat, Dec 27, 2008 at 12:03 AM, Jouni Malinen <j at> wrote:

> On Tue, Dec 23, 2008 at 02:09:58PM +0530, Paresh Sawant wrote:
> > 2.2>I start AP2(ssid = "linksis-wpa2-ttls"), and after AP2 is up and
> > running, I stop AP1. wpa_supp receives "media connect" for AP2, and it
> > performs RSNA with AP2 successfully.
> >
> > 2.3> I start AP1 again (without any change in configuration), and after
> AP1
> > is up and running, I stop AP2. wpa_supp receives "media connect" for AP1,
> > and it performs RSNA with AP1 successfully.
> >
> > Conclusion: I see an issue in <2.3>, since AP1 does not honor the pmkid
> in
> > association request, it performs the full EAP again. Since wpa_supp sends
> > correct PMKID in association, I was expecting AP1 to directly jump to
> > but it does not happen that way.
> How exactly did you "stop AP1"? If you just power cycled it, the PMKSA
> cache was cleared and the AP won't recognize the PMKID anymore. This is
> expected behavior. PMKs are unlikely to be cached in non-volatile
> memory (and really shouldn't be from security view point).
> --
> Jouni Malinen                                            PGP id EFC895FA
> _______________________________________________
> HostAP mailing list
> HostAP at
-------------- next part --------------
An HTML attachment was scrubbed...

More information about the Hostap mailing list