802.11r key distribution

[Georg Muelleder]

Hi,

I've got some basic questions about 802.11r to which I didn't find a 
conclusive answer in the docs.

We currently are in the process of implementing an office-wide 
WiFi-Solution with EAP-TTLS (authenticating against a RADIUS-Server) and 
FT roaming running on inexpensive TP-Link APs running debwrt.

Everything works like a charm but i don't understand the part in the 
config about the R0KH and R1KH entries.

We currently test our setup with two APs configured like Jouni described 
it in a previous list entry[1]. But how do I proceed now? We will have 
at least seven APs and it just seems a little complicated and messy to 
manually distribute all the keys to the APs.

Should we distribute every R0KH and R1KH key to every AP in the office 
or am I missing something about the concept here?

And last: Are there some best practices we should stick to?

Thanks in advance,

Georg

[1] http://lists.shmoo.com/pipermail/hostap/2008-May/017762.html
-- 
Georg Muelleder                      mail: schorsch at VRVis.at
(Sysadmin)                           tel: +43(0)1 20501 30301

VRVis Zentrum fuer Virtual Reality und Visualisierung
Forschungs-GmbH                      FN: 195369h, HG Wien
Donau-City-Stra?e 1                  +43(0)1 20501 30100
A-1220 Wien, Austria                 web:<http://www.vrvis.at>