Site Report Conceptual Model Month 2004 doc.: IEEE 802.11-04/xxxr0 May 2004 Site Report Conceptual Model Bernard Aboba Microsoft Bernard Aboba, Microsoft

May 2004 Problem Statement The primary purpose of the Site Report is to provide measurements to the STA prior to scanning, which enable the STA to optimize aspects of roaming: Scanning Pre-authentication Others? Are there secondary purposes? Bernard Aboba, Microsoft

Basic Principles The Information in the Site Report is only a “hint”. May 2004 Basic Principles The Information in the Site Report is only a “hint”. The information could be wrong, so the STA needs to be robust against misleading Site Reports. This is true whether the Site Report is authenticated or not. The STA will always scan prior to roaming (passive or active). At a minimum, the STA needs to determine which APs it can communicate with prior to roaming. Bernard Aboba, Microsoft

Robustness Against Bad “Hints” May 2004 Robustness Against Bad “Hints” A STA may choose to ignore part or all of the Site Report. The STA might investigate the first few entries, fail to find an AP of interest and do a full scan. The STA might investigate all the entries, regardless of any prioritization implied in the Site Report. A STA MUST be robust against misleading information. A STA should not “blacklist” APs based on the Site Report “Bad” APs are just lower priority, not “off limits”. When information in the Site Report conflicts with other sources, the other sources (scan, 4-way handshake, etc.) are definitive. Once the STA scans, it behaves the same way it would if there were no site report. The Site Report has a very short “shelf life” Bernard Aboba, Microsoft

Examples of “Bad Hints” May 2004 Examples of “Bad Hints” APA provides irrelevant information in the site report STA was headed north, APA provided info on APs to the south. APA provided info on APs supporting IEEE 802.11a, but STA only support 802.11b. Result: STA does a conventional scan, is no worse off. APA has stale information on APB STA will discover correct capabilities when it scans or receives IEs in the 4-way handshake Lesson: STA can benefit by scanning for low priority APs. Need to be careful how APA obtains information provided in the Site Report Information obtained from STAs can be stale, pollute APA cache Need to carefully define what info STAs provide APA priorities differ from STA priorities Example: APA thinks pre-authentication is not as good as other schemes, prioritizes APB lower… STA only supports pre-authentication, but APA has no way to know this. Better for APA to provide the info, let the STA decide Bernard Aboba, Microsoft

Site Report vs. Scanning Month 2004 doc.: IEEE 802.11-04/xxxr0 May 2004 Site Report vs. Scanning The Site Report can provide information that the STA needs prior to scanning. If the information isn’t required prior to scanning, it should be considered for the Beacon/Probe Response, not the Site Report. Even though the Site Report is more scalable than the Beacon/Probe Response, this doesn’t imply that the Site Report should replace existing scan mechanisms. All STAs and APs implement the Beacon/Probe Response. Not all APs or STAs will implement the Site Report. Bernard Aboba, Microsoft

Implementation Choices May 2004 Implementation Choices A STA may choose to scan in the background. The scan may not be on the critical path for roaming, but reducing unnecessary scanning is still useful. AP may not have enough buffers to avoid losing packets when frequently placed into power save mode. A STA may choose to send Site Report queries and receive responses in the background. The STA may wish to obtain a Site Report every DT, regardless of the status of the current point of attachment. Enables a STA to handle a disassociation at any time, without additional on-the-wire functionality. Bernard Aboba, Microsoft

A Conceptual model At Point 1, the STA obtains the Site Report. May 2004 A Conceptual model Channel 11 Channel 6 c v 2 1 D APB STA APA At Point 1, the STA obtains the Site Report. At Point 2, the STA scans. Shortly thereafter, the STA roams from APA to APB. Bernard Aboba, Microsoft

What Information Is Needed Early? May 2004 What Information Is Needed Early? Information related to pre-authentication. By the time the STA gets to point 2, it may be too late to complete pre-authentication successfully. Information related to scanning. Optimized scanning can enable the STA to pick up APB earlier, particularly if scanning occurs in the background and traffic is heavy. Bernard Aboba, Microsoft

What Information Do We Need? May 2004 What Information Do We Need? AP BSSIDs, Channels, SSIDs A STA can function with only this information: Sufficient for scan optimization STA can try pre-auth to all APs, regardless of whether they support it or are reachable. Bernard Aboba, Microsoft

What Information Might We Want? May 2004 What Information Might We Want? Information to allow the STA to prioritize potential roaming candidates STA may not have the resources (or time) to “investigate” all potential roaming candidates AP may not be aware of all STA capabilities, therefore cannot prioritize potential roaming candidates the same way the STA would. Examples: RSN IE Match Whether an AP supports pre-authentication, WPA2, etc. Reachability Whether an 802.1X pre-authentication packet sent by the STA can reach the AP. Bernard Aboba, Microsoft

Thinking About Security May 2004 Thinking About Security The Site Report may be needed even in networks where security is not in use. Even Open networks may want to optimize scanning! STAs need to be robust against bad “hints” regardless of whether the Site Report is authenticated Question: Should security be mandatory to use for the Site Report? Bernard Aboba, Microsoft

Case Study: “Trusted” Bit May 2004 Case Study: “Trusted” Bit Meaning: APB is a member of the ESS, according to APA. What does a STA do with this? STA may choose to prefer a “Trusted” AP. STA may also choose to ignore the “Trusted” bit. If APA is truly “untrusted” then pre-auth will fail. If STA has resources to try pre-auth to “untrusted” APs, it may not care about the value of the “Trusted” bit. What does the STA not do with it? Refuse to talk to APA : enables a DoS attack Bernard Aboba, Microsoft

May 2004 Feedback? Bernard Aboba, Microsoft