[PATCH 4/4] implement secondary SSID capability

M. Braun michael-dev
Mon Apr 27 07:34:04 PDT 2015

Am 25.04.2015 um 18:18 schrieb Stefan Tomanek:
> Dies schrieb Jouni Malinen (j at w1.fi):
>> Is there really need for this? Use of active scanning for a specific
>> SSID is very much discourages nowadays due to privacy issues (among
>> other things). I would not really recommend anyone to use such
>> configuration for enterprise networks. As such, I don't see how this
>> would work with a reasonable STA configuration (use passive scanning or
>> only wildcard SSID in Probe Request frames) and to address such a use
>> case, multi-BSS design with another beaconing BSS would be used instead.
> Sure, but multi-BSS is limited by the hardware capabilities - and of course
> I was only building on the stubs present :-)

I was once looking into offering WPA-PSK and WPA-EAP using a single BSS.
That didn't really work with newer Apple devices, as they didn't get the
flags right during authentication to choose either WPA-PSK or WPA-EAP.
Now when looking at these patches, I was wondering whether this could be
used to have a single BSS and thus a single group state machine and TDLS
while at the same time offer two ESSID with different AKM (PSK or EAP)
to the devices? I haven't tested whether this would finally enable to
use a single BSS with both authentification schemes, yet.

 M. Braun

More information about the Hostap mailing list