by kevinday 957 days ago
There’s a nuance that I didn’t explain well. WPA2 and 6GHz clients can’t exist together on the same SSID. According to the specification, if you enable 6GHz, the whole network becomes exclusively WPA3. If you enable WPA2, that SSID can’t speak 6GHz. Having new non-WPA3 devices being sold is going to really slow down the adoption of 6GHz, because they can’t coexist. You can’t band steer 6GHz clients to a preferred 6GHz compatible WPA3 only network, it’s up to the user to pick the right SSID.

This is a draconian reading of the standard which I think no reasonable person would agree with.

If this is about 12.12.2, then it refers exclusively to the 6GHz STA, and not "to the entire network", which on Wi-Fi is a very loosely defined concept (same BSS? same ESS? already the standard forces different channels to use different BSSIDs).

Nothing prevents the 6 GHz AP's SSID from "coincidentally" being the same as the 2.5/5GHz AP. In fact, this is exactly how a/n works now: even though initially it was common for 5GHz STAs to operate on a different SSID, no one bothers to check, and nowadays I can barely find a consumer/business AP that _by default_ still keeps separate SSIDs for both 2.5 and 5.

While I can find APs that today by default give different SSIDs to 2.5/5 and 6 (oh, the irony), I have not found any that would prevent me from setting the same SSID to all; and some APs I have already set the same SSID to 2.5/5/6 by default. These all have the Wi-Fi logo.

> You can’t band steer 6GHz clients to a preferred 6GHz compatible WPA3 only network, it’s up to the user to pick the right SSID.

You have never been able to truly band steer clients since this is at the client's discretion. Even if you give everything the same SSID, the client may choose to prefer the 2.4GHz band instead -- this is also one of the reasons it was common to give both of them a different SSID early on, so that users could force 5GHz.

When commercial routers "band steer" they simply prevent the client from associating to the lower bands (by e.g. hackishly not responding to probes at that band), thereby leaving the client with only one choice: the band you want.

Is that strictly true? Isn't there a whole transitional specification which allows clients to connect the same SSID with either WPA2 or WPA3?

Yes, but you can’t use it if you enable 6GHz according to the 6E specification.

But, here in the real world, you can. I know this because I do on my Netgear 6E WAPs.

Sounds like a dumb spec?

Dumb spec? There are fundamental limits in this world. Some things are simply mutually exclusive. A dumb spec IMO would be a spec that does not acknowledge this.

A spec which uses a new frequency and still makes it impossible to co-exist with existing previous versions of the spec on other, different frequencies is fundamentally dumb.

It would be like if USB-C required any device with USB C to not support any other USB types or specs. Seriously, what the hell!

And no, there is no practical reason for them to be mutually exclusive.

The single-threaded nature of WPA2 AES-CCMP-128 is the reason (in addition to not wanting to embed known weak security protocols). The higher speeds and later standardization of Wi-Fi 6E (as compared to Wi-Fi 6) made this, in my opinion, a reasonable trade-off.

For Wi-Fi to survive, it must bring improvements in security protocols /and/ user experience (speed, coverage, and ease of setup). While I agree that security configuration should ideally not be tied to the physical characteristics of the link, security tends to lag, and the driver is user experience. So, if we want to have a high baseline of security, we have to tie it to the driver, the craving for a better user experience (higher speed and better spectrum utilization).

Good standards make trade-offs in the right places (both in time and space). Dumb standards miss the goal. I cannot say that this is a dumb standard when it is evident that trade-offs have to be made. Using WPA2 would have impacted cost of equipment, performance and security negatively.

So instead, it won’t roll out widely for a decade plus due to active incompatibility, therefore rendering its improvements pointless for all but a tiny number of early adopters?

As I said, dumb.

Next version will likely include degrees of backward compatibility or workarounds, would be my guess. Since you can’t even iteratively roll it out!

That or routers will have parallel radios and 2x SSIDs, which would confuse everyone and add even more to the costs.

Yay for IPv4 vs IPv6 on wifi.