[zamadatix]

I'm not going to get into the ideological debate of if the standards process is open enough or not but let me pose this: Is it not more likely the fact WPA2 was ratified in 2004 that it continues to be of questionable security to utilize in 2019?

[benchaney]

No, because:

1. WPA3, which has only recently been created, is riddled with issues.

2. Many things much older than WPA2 are still used today without major issues e.g. AES and RSA.

The idea that standards processes aught to be open is not a ideological debate anymore. At this point it is a simple truth backed by overwhelming empirical evidence.

[zamadatix]

The process not being open != The process should have happened sooner

In regards to 2 I disagree, see tls 1.0 as an example. Also aes isn't a protocol, apples to oranges.

[penagwin]

I mean AES was established in 2001, and that's obviously still considered secure.

[zaroth]

Primitives vs Protocols.

Encryption primitives rarely fail. The protocols build on top of them seem to consistently fail.

[hackdown]

The principle, the theory is always good. The protocols are implementations, and often implementations are badly done. See with all versions of SSL/TLS prior to TLS 1.3

[benchaney]

There is no inherent reason that this is true, other than the fact that in order for primitives to be widely use they go through a open vetting process.