eduroam Development VC Minutes 2023-10-24 1530 CEST

Attendance

Attendees

  • Stefan Winter (Restena)
  • Tomasz Wolniewicz (PSNC)
  • Anders Nilsson (SUNET) at WLPC in Prague but joining :)
  • Brian Epstein (he/him) (IAS.edu)
  • Zbigniew Ołtuszyk (PSNC)
  • Maja Górecka-Wolniewicz (PSNC)
  • Guy Halse (TENET)
  • Mike Zawacki (Internet2)
  • Maxime Houlbert (Renater)
  • Ed Kingscote (CANARIE)
  • Mohit Sharma (CANARIE)
  • Chris Phillips (CANARIE)
  • Ed Wincott (Jisc)
  • Janfred Rieckers (DFN)
  • Louis Twomey (HEAnet)
  • Janos Mohacsi (KIFÜ)

Regrets

  • Zenon Mousmoulas (GRNET)
  • Paul Dekkers (SURF) - at the WBA conf ;-)
  • Stefan Paetow (Jisc)

Agenda / Proceedings

  1. Welcome / Agenda Bashing

  2. CAT 2.1.1 maintenance release

    • plan for deployment on 2 Nov 2023

    • change to underlying OS and VM; process will need a longer downtime than usual - aim is 1h

    • (test installation at cat-ams-new.eduroam.org; database is not current)

    • hosted.eduroam.org to follow later on (investigate re-configuration to be the web part of Managed IdP and SP)

    • performance issues with huge authentication logs

    • working off of release_2_1 branch

  3. geteduroam apps

    • profile names differ between geteduroam-generated vs. CAT-generated
    • Do people hate the “®” in the Windows intaller? It can be removed if so. (upvote +1)
    • Reminder from Wenche that geteduroam is happy to receive funding

  4. IETF / EAP-FIDO update

  • New RADIUS/(D)TLS-bis draft, now a Working Group draft https://datatracker.ietf.org/doc/draft-ietf-radext-radiusdtls-bis/
    • PSK best practices in the making
    • deprecating UDP/unencrypted transport following after
    • in RADIUSEXT wg
  • EAP-FIDO draft published  https://datatracker.ietf.org/doc/draft-janfred-eap-fido/
    • WebPKI as default trust anchor
    • enables “just one string” configuration
    • in EMU wg
    • side meeting on 6 Nov 6pm (remote attendance will be possible, free)
  • all nice and good but: when will this be implemented in reality?
    • this is a known problem, we are doing our best
    • some vendors present at IETF and willing to implement; once some support is out there, finger-pointing at the rest could be a way
    • can skin it as an analogue to HTTP vs. HTTPS

  1. Recurring OpenRoaming chitchat

    • RCOI calculator: https://wireless-broadband-alliance.github.io/OR-rcoi-config/

    • Delhaize: doesn’t do OpenRoaming (allegedly only beacons the old Cisco 004096 ECOI that no contemporary Wi-Fi client will recognise or use; to be verfied)

    • With a (working…) Delhaize config, this becomes a compelling use case for LU

    • Does OpenRoaming solve the “overlapping SSID problem”?

      • if all hotspots use distinct SSIDs, sure
      • if hotspots happen to operate on the same SSID (even though there’s no need to), maybe not

  2. AOB / next VC 21 nov 2023 CET

  • No labels