Ron Leach wrote: > On 19/10/2017 16:56, Dan Purgert wrote: >> Brian wrote: >>> [...] >>> Isn't it sufficient to fix one end of the >>> connection to dispose of the vulnerability? >>> >> >> KRACK is an attack against the *client* side. It MUST (rfc2119) be that >> device that is patched against the attack. >> > > Dan, I'm not sure it's that simple, either. > [...] > > Your advice is extremely close, and very pertinent, but *both* clients > need to be fixed.
I read his comment as "one side" being the AP side in the AP/Client relationship ... not that you'd only need to patch "one client". To be as clear as possible -- Any and all client devices MUST (rfc2119) be patched to be secure from the KRACK attack. -- |_|O|_| Registered Linux user #585947 |_|_|O| Github: https://github.com/dpurgert |O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5 4AEE 8E11 DDF3 1279 A281