Hi Dan,
Thanks for your contribution. Here are my comments and questions as I mentioned during the AM1 meeting.
- I believe an element forward (extended length element) design does offer greater extensibility moving into the future for 802.11 and PQC generally. I think there is a genuine use case here for extended elements to be used in PQC and beyond.
- Extra messages being sent now are payload-free and not really a problem, in the scheme of PQC they are virtually free.
- EAP-first is DoS-resistant by design since expensive PQC operations are gated behind identity verification, which is architecturally sound especially at infrastructure scale
- PoW as discussed in the group + EAP-first provides a layered defense where PoW handles unauthenticated flooding and EAP would handle the authentication gate before PQC Key commitment
- EAP-first also allows for mechanisms where with proper linkage between AS and AP, we can have true E2E Security Posture Remediation during authentication flow.
- Content Presence field has genuine future value for multi-KEM profile compositions (where 1 KEM is fixed in Security Profile and other is to be negotiated) - where payload structure is not fully implicit from frame position alone [similar to the DH Group negotiation and ungraceful fallback issue seen now].
Best,
Anuj Dharap
To unsubscribe from the STDS-802-11-TGBT list, click the following link: https://listserv.ieee.org/cgi-bin/wa?SUBED1=STDS-802-11-TGBT&A=1