Or, how do we get from here to there? A colleague wrote in to ask several questions about the path from WEP through WPA to 802.11i, the final IEEE security standard that's expected next year. I answered his questions in email, but I thought they were a good foundation for discussion.
Currently, all 802.11a, b, and g devices support WEP (Wired Equivalent Privacy) encryption which has had flaws and exploits well documented. The ultimate goal is 802.11i, a robust set of security improvements. On the road to 802.11i, the Wi-Fi Alliance has required WPA (Wi-Fi Protected Access), which fixes all of WEP's problems, is a subset of 802.11i, and which allows full backwards compatibility for most 802.11a and b devices made before 2003.
My colleague asked what would become of the current generation of 802.11 devices when 802.11i appeared? Because of WPA, I expect from promises made by manufacturers that virtually all client adapters and many (but not all) access points will have firmware upgrades that allow them to support the full WPA subset.
Equipment released in 2003, and some in 2002, already has the silicon in place to support full 802.11i, which has a more complex option for encryption (AES or Advanced Encryption System, in a couple of flavors), and a few more requirements. Broadcom, Texas Instruments, Intersil, Atheros, and others can merely push out firmware upgrades to enable AES and other features to their partners who will then push them out to customers.