Talk:WLAN Authentication and Privacy Infrastructure

No title
The Chinese Government probably will have a backdoor in it, I wouldn't put it past them. ~Anonymous


 * "his Chinese Government equivalent" - I bet this person has a name. 212.143.17.66
 * Let 's be fair.
 * I do not believe that none of the all the goverment in the world not be a backdoor of their own invention or creation to become the world standard.
 * world talent supporter.
 * That's why we have published standards - if everybody knows what point A and point B are and how they work together, then people can work-out how to get from A to B on their own and not need to worry about misbehavior on the part of other organizations. It's a lot harder to hide exploits in a standard that anybody can view than in a binary-only implementation release that nobody knows anything about.
 * We can be reasonably certain that 802.11 doesn't contain any intentional security vulnerabilities, as it has held up to peer review. WPA and WEP are likewise published standards, and have withstood the scrutiny of malicious crackers fairly well. Although security holes have been discovered in WEP, none of these show any sign of being intentionally designed and do not provide either easy or ready access into a system.
 * Further, it's worth noting that an intentional security hole in a decentralized standard puts whoever put it there at risk, as they must use any standards they create when it becomes required. However, since WAPI is designed with a central server any exploits on that server's end would NOT put those who crafted the exploit in any risk; SPOF is simply not beneficial. 192.235.29.95 18:34, 10 September 2007 (UTC)
 * Chinese government is always inventing these fucking standards, e.g. WAPI (competing against Wi-Fi), TD-SCDMA (competing against WCDMA and CDMA2000), UOF (competing against ODF and Microsoft Office), etc. But none of them are useful, and therefore none of the Chinese residents use it at all! I am a Chinese resident, and I have never found anybody use them, and most people around me have even never heard them. However, Chinese government forces the manufacture to support these fucking standards. Without the support these fucking standards, their products will be banned in China. Finally, consumers have to pay for the useless functions, without using them at all. It is completely wasting our money!!!! --Yejianfei (talk) 03:51, 20 February 2016 (UTC)


 * I noticed that the US government recently said

"Ex. 11 (reporting Apple was the first Western company to have its products use WAPI and “[t]hus, [Apple] is presumably sharing confidential information with the [Chinese] government”).) Such accommodations provide Apple with access to a huge, and growing, market." in document 303739074-Government-Response-to-Apple-Motion.pdf http://apps.npr.org/documents/document.html?id=2755206-DOJ-Reply-Brief page 34 — Preceding unsigned comment added by 82.28.198.0 (talk) 20:50, 15 March 2016 (UTC)

Expert needed
Can someone knowledgeable in the matter put some commentary in the main article to this point. Is WAPI a Chinese backdoor, or potentially a backdoor? — Preceding unsigned comment added by 82.28.198.0 (talk) 20:45, 15 March 2016 (UTC)


 * You're not going to get an unbiased answer to that. In reality, the motivation to develop WAPI was likely multi-faceted.  Whether it had the potential to introduce a backdoor is unclear at this point, but it seems unlikely that it has had such an impact, seeing how it's rarely ever used.  My personal opinion is that the primary goal was to minimize dependence on standards largely controlled by foreign entities.  If this is the case, it's likely that WAPI is favored by government-controlled organizations, or was at one point in time.  Given that the standard effectively limited trade of WLAN devices with China, there were economic incentives as well. —Zenexer &#91;talk&#93; 15:06, 2 October 2017 (UTC)

All your Keys Belong to Us
The WAPI architecture calls for a central Authentication Service Unit. Why am I not surprised... Funkyj 07:40, 13 June 2006 (UTC)

Updated informatin
This article is no up-to-date. - the information about SMS4 is in contradiction to the information found in the Wikipedia article about SMS4 - SMS4 has meantime been passed evaluation by independent experts (see SMSç article) - the actual draft of the WAPI ISO/IEC standard (document JTC1/Sc6/N14619) allows selection of the cipher suite (AES or SMS4)

I have edited the German version and propose to align the English version once my updates have ben verified.

HRThomann (talk) 08:49, 17 October 2011 (UTC)

Sorry, can't undo my unfinished edit
Anyhow, I was about to delete some of the unsubstantiated claims and description of events since they were without citation since 2014 - four years ago. when I ran into some problems with Internet. Anyhow, I would just like to point out that most of the article is without proper citation since, again 2014. And so it seems the whole thing needs to be rewritten with some proper sources. Some one please find some article to support or disprove the facts and events of this article. Cheers.211.94.227.87 (talk) 04:24, 28 February 2018 (UTC)