Attendance

Attendees

  • Stefan Winter (Restena)
  • Mike Zawacki (Internet2)
  • Sara Jeanes (Internet2)
  • Guy Halse (TENET)
  • Halil Adem (GRNET)
  • Wenche Backman-Kamila (CSC/Funet)
  • Louis Twomey (HEAnet)
  • Philippe Hanset (ANYROAM)
  • Christian Rohrer (SWITCH)
  • Anders Nilsson (SUNET)
  • Fabian Mauchle (SWITCH)
  • Maja Górecka-Wolniewicz (PSNC)
  • Tomasz Wolniewicz (PSNC)
  • Ed Wincott (Jisc)
  • Stefan Paetow (Jisc)
  • Zbigniew Ołtuszyk (PSNC)
  • Paul Dekkers (SURF)
  • Janfred Rieckers (DFN)

Regrets

  • Zenon Mousmoulas (GRNET)

Agenda / Proceedings

  1. Welcome / Agenda Bashing

  2. Update regarding malformed EAP packets

    • Josh Howlett updates on the symptoms of the issue seen
    • Paul D expresses surprise that he doesn’t see this in Radiator on the ETLRs, given the amounts of requests are lower than the ETLR volumes.
      • Chris P that it is raised with FR project to make aware
    • Paul D and Chris P suggest that this should probably be raised with the vendor(s) involved too via WBA so others are aware
    • EAP-Type is the ‘offending’ attribute, suggestion to have Europe or NROs doing some logging to see how much is being seen
    • Suggestion also to possibly terminate such packets at the national proxies to avoid this being a DDoS vector against eduroam

  3. EAP-FIDO update

    • probably best to wrap FIDO auth in either EAP-TLS or TEAP (those two deliver server-auth with “traditional PKIX” and allow to derive session keys from the TLS context)

  4. Recurring OpenRoaming chitchat

  5. AOB / next VC (11 Apr 2022 1530 CEST)

  • No labels