1. doc.: IEEE 802.11-11/0877r0 Submission June 2011 802.11 WG Slide 1 TGs response to CN NB comments Date: 2011-06-17 Authors:

2. doc.: IEEE 802.11-11/0877r0 Submission June 2011 802.11 WG Slide 2 Abstract IEEE 802.11 Task Group ‘s’ (Mesh Networking) received comments from the China NB on its draft. Their resolutions are discussed here.

3. doc.: IEEE 802.11-11/0877r0 Submission June 2011 802.11 WG China NB Comments on IEEE 802.11s and Their Resolutions There are numerous editorial mistakes in the draft. (Specific examples were given). The specific mistakes were corrected and a complete pass was made on the draft fixing several more editorial errors. A professional editor from IEEE SA will be assigned to edit the draft after Sponsor Balloting closes to resolve any remaining editorial issues. Slide 3

4. doc.: IEEE 802.11-11/0877r0 Submission June 2011 802.11 WG China NB Comments on IEEE 802.11s and Their Resolutions What are the mechanisms against man-in-the-middle attack in a Mesh Network? The mandatory-to-implement security protocol (SAE) performs mutual authentication and is resistant to passive attack, active attack, and dictionary attack. A man-in-the-middle would be unable to impersonate another mesh point nor could it glean any secret information by observing exchanges between legitimate mesh points. A man-in-the-middle would be unable to launch an attack. Slide 4

5. doc.: IEEE 802.11-11/0877r0 Submission June 2011 802.11 WG China NB Comments on IEEE 802.11s and Their Resolutions Because the authentication credential is a shared secret (word, key, code, or phrase) it may be necessary to add support for authentication using a certificate. A proposal was made to introduce an protocol that authenticated a Diffie-Hellman exchange with digital certificates. The proposal failed to garner enough support for inclusion in the draft. The effort can be taken up again, and any and all help is solicited to encourage its adoption. Slide 5

6. doc.: IEEE 802.11-11/0877r0 Submission June 2011 802.11 WG China NB Comments on IEEE 802.11s and Their Resolutions Is the Root Mesh STA the same as a Mesh Portal (now named a Mesh Gate)? Conceptually, a Root Mesh STA is the entity used as a root for proactive tree building (routing); a Mesh Gate is the entity that has access to the DS as well as the MBSS. In practice they may be the same, but they need not be. Slide 6

7. doc.: IEEE 802.11-11/0877r0 Submission June 2011 802.11 WG China NB Comments on IEEE 802.11s and Their Resolutions Is a Mesh STA a Mesh Portal (now called a Mesh Gate) or a terminal point? A Mesh STA is a STA that supports mesh functionality as defined in IEEE 802.11s. That functionality can include the requirements to be a Mesh Gate but it is not required to include it. Not all Mesh STAs are Mesh Gates but all Mesh Gates are Mesh STAs. Slide 7

8. doc.: IEEE 802.11-11/0877r0 Submission June 2011 802.11 WG Summary Task Group ‘s’ (Mesh Networking) thanks the China NB for its comments on, and review of, the TGs draft All comments were resolved in Palm Springs, CA, in May 2011. The Task Group feels no further disposition is necessary. Assistance in adding a certificate-based authentication protocol is requested The authentication protocol added by Task Group ‘s’ (SAE) can be used as a blue-print– authentication prior to association followed by the 4-way handshake, negotiation of the domain parameter set to use with Diffie-Hellman, use of a new RSN AKM and ciphersuite, etc. The exchange can be modeled on existing, provably secure exchanges. The old proposal can be polished and resubmitted. Additional support of the proposal can help it be adopted into the IEEE 802.11 standard. Slide 8

9. doc.: IEEE 802.11-11/0877r0 Submission June 2011 802.11 WG Slide 9 References 11-11-0703-06-000s-p802-11s-sponsor-ballot-4 th -recirc-comments.xls