It does actually ... the attacker is replaying retransmissions of message 3 of the 4-way handshake ... so without this re-transmissions to replay the attack would not be possible ...
Ok, got it. You're absolutely right here.
Still none of the (even patched) APs now do what you suggested to mitigate the attack (and is unlikely to ever do, as that will be a pure violation of the existing standards, whereas, as I understand, what the industry now aims at is to make wording in the standards stricter, but still fully preserve backwards compatibility). So getting back to the
original post of Jeroen1000, and the following replies or
mine and
yours it is vital to understand that
patching only AP gives you absolutely nothing in terms of KRACK attack mitigation.