On Fri, Apr 30, 2021 at 06:00:00PM +0000, Kevin Chadwick wrote: > On 4/30/21 12:18 PM, Stefan Sperling wrote: > > Our default group cipher is CCMP which should not involve any TKIP MIC > > checks on the AP. Such checks occuring would be a bug in this case. > > TKIP has been so easily crackable for over a decade that I wonder if it has a > place in OpenBSD, atleast without stark warnings. > > Is it worth the maintenance?
TKIP is already disabled by default. We decided not to remove the feature because it may sometimes be required to get online. Just like plaintext and WEP. In this case the bug wasn't even in the TKIP code. It's just a driver in need of a workaround for a hardware quirk.
