I have 1231G IOS APs on 12.3(7)JA2, and my users are doing WPA + TKIP, using the Microsoft zero config client on XP. Users do notice a slight delay when moving from AP to AP thanks to the need to reauth to the Radius server each time. I plan on moving to the WDS config, and enabling CCKM on the SSIDs to give users the benefits of WDS thanks to the cached creds. I'm wondering - if you have made the same move already, did users see a significant enough improvement to take notice?
I recently did an informal test using 12.3(8)JA and WDS using ACS 3.3 as the RADIUS server - result: Using Cisco CB21 a/b/g adapters and WPA/TKIP, I could do a fast roam on the Cisco PEAP (MS-CHAPv2) client, with cached credentials.
On the Intel Centrino 2200BG adapter, using the ProSet client (188.8.131.52 driver, 10.5.0.1 ProSet), I had to use WEP/802.1x/CKIP in order to get fast roaming using PEAP MS-CHAPv2 to work - WPA/TKIP wasn't supported for PEAP. According to the above support info, the Intel client is CCXv3 compliant, so PEAP support shouldn't be expected, but it does actually work on the WEP/802.1x/CKIP combination.
When CCKM works for fast roaming, it is pretty seamless - the RADIUS server is not involved at all, when moving from one AP to another with a secure authenticated connection. This reduces the roam time quite dramatically.
You should note that the delay you encounter with the Microsoft zero client is dependant on the load on the RADIUS server, the efficiency of the RADIUS server and the delay between AP and server.