by zamadatix 2626 days ago
"A client should remember" just transfers things to first-trust attacks; if you want to do it right you'd have to make sure you add the network to the device as WPA3 only from the get-go.

Side channel attacks, sure, the standard could also have just said "don't be vulnerable to side channel attacks when generating secure data" along with everything else you should do to make a secure system.

Does it really matter how efficient the DoS attack is if any consumer gear can do the inefficient, future-proof version anyway? As far as intelligent attacks go, isn't this yet again an implementation detail where the AP should rate limit responses to a particular client based on its resources?

Sure, greenfield things should be written the best they reasonably can be, but not being the best something could be doesn't equate to insecure. It's a valid complaint about the standard but not an insecurity.

Again, the paper had valid, interesting findings in real-world side channel attacks and some valid complaints that Dragonfly could have been implemented in a better way, but it's not focused on attacking those; instead it's focused on making big noise about how bad running things in WPA2 mode is, under the title of being about WPA3.

1 comments

I again feel that most of these points are all discussed in the paper. Trust-on-first-usage is also used in SSH. The attack uses spoofed MAC addresses, hard to rate-limit that. Modern crypto should be designed to reduce the chance of implementation flaws. The paper concludes that WPA3 is still better than WPA2. Most attacks are on WPA3's Dragonfly. Etc. The most practical attacks are downgrades to WPA2 though, so the press might focus too much on that.