1. Nancy Cam-Winget, Cisco Systems Inc
January 2003
TGi Motions
Nancy Cam-Winget, Cisco Systems Inc
N. Cam-Winget

2. RSN IE provided in 3rd message
January 2003
RSN IE provided in 3rd message
Clause states:
“Key Data = included RSN IE – in a BSS, the AP’s Beacon/Probe RSN IE”
AP can enforce security policy after EAP auth
Unicast cipher can change as a result of EAP auth
Change of unicast cipher can only be relayed to STA in 3rd message
N. Cam-Winget

3. January 2003
Motion
Instruct editor to request new reason code (from the IEEE ANA) and add said code in Table 18 as:
Cipher suite is rejected per security policy
N. Cam-Winget

4. January 2003
Motion
Insert after 1st sentence in 4th paragraph of Key Data description in Clause 8.5.2:
“Optionally, the Authenticator may also insert a 2nd RSNIE. The 2nd RSN IE indicates the unicast cipher suite the Authenticator shall use with the STA. This is used when the Authenticator requires the Supplicant to use a different unicast cipher and must be one of the ciphers advertised by the Authenticator. All other fields in the 2nd RSN IE must be identical to the 1st RSN IE.”
Change Key Data description in Clause to
“Key Data = the AP's Beacon/Probe RSN IE and an optional 2nd RSN IE that is the Authenticator’s unicast cipher suite assignment”
Insert a new item (as item #3) in Clause
“If a 2nd RSN IE is provided in the message, the Supplicant shall apply the information specified in the 2nd RSN IE, or disassociate.”
Append to the KeyIdentifier table of Clause the following entry:
N. Cam-Winget