[PATCH] AP: SAE on 6GHz requires H2E enabled in config

Jouni Malinen j at w1.fi
Mon Nov 28 08:51:51 PST 2022

On Thu, Apr 07, 2022 at 01:49:43PM +0200, Nicolas Escande wrote:
> diff --git a/src/ap/ap_config.c b/src/ap/ap_config.c
> @@ -1187,6 +1187,13 @@ static bool hostapd_config_check_bss_6g(struct hostapd_bss_config *bss)

> +#ifdef CONFIG_SAE
> +	if ((bss->wpa_key_mgmt & WPA_KEY_MGMT_SAE) && !bss->sae_pwe) {
> +		wpa_printf(MSG_ERROR, "SAE with H2E is mandatory on 6 GHz");
> +		return false;
> +	}
> +#endif

As far as the IEEE Std 802.11ax-2021 is concerned, there is no such
mandate (see 12.12.2 for security constraints in the 6 GHz band).
WPA3-Personal requirements with Wi-Fi 6E are separate, but taken into
account that that is what most devices will end up following, it would
sound reasonable to at least enable H2E automatically whenever using SAE
on the 6 GHz band.
Jouni Malinen                                            PGP id EFC895FA

More information about the Hostap mailing list