The U.S. department responsible for setting standards publishes well-written draft on 802.11i security: As with previous National Institute of Standards and Technology (NIST) documents on wireless technology, the intent is both to provide recommendations and requirements to government agencies, but it's also to disseminate to a wider business audience a solid set of principles that should underlay a security plan.
The Guide to IEEE 802.11i: Establishing Robust Security Networks, is extremely dry but readable, providing a solid framework for those trying to make sense of old security flaws and new solutions. If it had a slightly livelier tone, much of it could be published as a mass-market book, in fact. While this is a draft, it seems awfully finished to me, and I expect there's a review process to correct errors and gather opinions about specific requirements.
There's a bit of gallows humor about previous encryption, integrity, and security schemes in 802.11, such as Wired Equivalent Privacy (WEP), which gets a thorough whacking. In one footenote (No. 16 on page 3-2), we find this punchline: "The shared key authentication scheme based on a unilateral challenge-response mechanism is typically referred to as WEP because it uses the WEP encryption for response computation. However, shared key authentication is actually a simple authentication scheme independent of WEP. Also, it does not work." Bah-dum-bump. And, it's accurate.
My colleague Matthew Gast (author of 802.11 Wireless Networks: The Definitive Guide) will appreciate that the IEEE standard 802.1X is properly capitalized, too. (Amendments are in lowercase; standalone releases are uppercase.)