Question about 802.11i WPA

["localhost" <localhost () bellsouth net>]

I'm trying to determine if 802.11i has sufficiently addresses the
deficiencies in WEP to make it a viable alternative to wired networks.  I
still have one concern that I haven't seen an answer to.  Could someone
point me to some documentation that might address my concerns.

It seems that a lot of though has been put in to protecting the AP's from
unauthorized access, but what about the clients?  Is there something in the
802.11i that prevents me from targeting the other clients and then using
their authorized connection to the AP?  I know you can use EAP-TLS for
mutual authentication, but that doesn't necessarily mean that the client
will only talk to authorized AP's.  It just prevents me from spoofing an AP.
Can't I still make a peer-to-peer connection to a workstation, own that box,
and then have my way with their authorized connection?  Do I have to run a
firewall on all my clients or does the standard provide a way to make
clients communicate exclusively with authorized AP's?

Thanks


---------------------------------------------------------------------------
----------------------------------------------------------------------------