WPA Association Requirements
Before an 802.11 miniport driver can associate and authenticate by using WPA, it must be configured as follows:
The driver's encryption mode must have previously been set to Encryption2 or Encryption3 through OID_802_11_ENCRYPTION_STATUS.
For infrastructure network modes, the driver's authentication mode must have previously been set to either Ndis802_11AuthModeWPA or Ndis802_11AuthModeWPAPSK through OID_802_11_AUTHENTICATION_MODE.
For ad hoc network modes, the driver's authentication mode must have previously been set to Ndis802_11AuthModeWPANone through OID_802_11_AUTHENTICATION_MODE.
The driver's desired SSID must have been previously set through OID_802_11_SSID.
The 802.11 device must process the WPA information element (IE) for WPA associations. The WPA IE has an element identifier of 0xDD and an Organizationally Unique Identifier (OUI) of 00:50:F2. The device will only associate with an access point or IBSS cell whose beacons or probe responses contain the WPA IE.
The device can associate only if it finds a match on its encryption and authentication modes in the WPA IE from the beacon or probe response. In the 802.11 association request that it sends, the device must prepare a WPA IE with the matching authentication and encryption modes that it will use.
When queried for OID_802_11_ASSOCIATION_INFORMATION, the miniport driver must return the WPA IE that it sent in the 802.11 association request. This is required by the 802.1X supplicant when it processes the WPA authentication handshake protocol.