As if Wi-Fi standards are not confusing enough, last week's addition of four widely used Extensible Authentication Protocol (EAP) types by the Wi-Fi Alliance will make your head spin. While they expand the test matrix against which all wireless LAN (WLAN) products will be tested for WPA/WPA2 certification, Gartner says, the move comes late and with questions. A report today from the IT research giant said:
The Wi-Fi Alliance will still call the 'new' certifications WPA and WPA2 and will allow a grace period during which 'old' WPA and WPA2 certifications can still occur. WPA certification will be more confusing than meaningful for enterprise decisions until at least 4Q05, when it becomes mandatory for vendors to pass 'new' WPA2 certification.
Additional confusion will undoubtedly result after Cisco and Microsoft likely introduce a new or enhanced EAP type in coming months which will require the Wi-Fi Alliance to conduct further interoperability testing, according to Gartner.
And the Wi-Fi Alliance is reserving the term "WPA3" for new IEEE 802.11 security features rather than for security testing extensions, further contributing to the confusion around WPA and WPA2 certification through at least the first half of next year. Gartner says to simply select the authentication approach that best meets matches your business, IT and security processes, regardless of Wi-Fi certification.