eduroam Development VC Minutes 2022-02-01 1530 CET

Attendance

Attendees

• Stefan Winter (Restena)
• Anders Nilsson (SUNET)
• Mike Zawacki (Internet2)
• Wenche Backman-Kamila (CSC/Funet)
• Chris Phillips (CANARIE)
• Maja Gorecka-Wolniewicz (PSNC)
• Dubravko Penezić (SRCE)
• Christian Rohrer (SWITCH)
• Louis Twomey (HEAnet)
• Zbigniew Ołtuszyk (PSNC)
• Sara Jeanes (Internet2)
• Stephanie Cooper (ANYROAM)
• Hideaki Goto (Tohoku University/NII)
• Philippe Hanset (ANYROAM)
• Janos Mohacsi (KIFÜ)
• Stefan Paetow (Jisc)
• Tomasz Wolniewicz (PSNC)
• Edward Wincott (Jisc)

Regrets

• Zenon Mousmoulas (GRNET)
• Arnaud Lauriou (RENATER)
• Geoffroy Arnoud (RENATER)

Agenda / Proceedings

1. Welcome / Agenda Bashing

2. Experience from testing CAT 2.1?
   https://cat-test.eduroam.org

3a. additional SSIDs (or additional RCOIs for that matter)… is that still the eduroam consortium? Same ToUs? Should those (continue to be) conflated to “the eduroam profile” or is a more conceptual distinction useful/necessary?

It appears that conflating additional SSIDs is “not a big deal” and we could continue to add those as “eduroam” where technically necessary.

Discussion around the implications on continuing to handle the additional SSID and geteduroam.app goes and fetches the euroam configuration (only).
The app featureset of geteduroam.app has implications on the eduroam service

• github link to Android: https://github.com/geteduroam/ionic-app/issues
• github for Windows: https://github.com/geteduroam/windows-app/issues

inquisitiveness on what the technical roadmap for geteduroam.app is and trajectory is valued.

3b. geteduroam and OpenRoaming integration

Conversation on utilization on openroaming was had:

UK: JISC is poised to implement their own openroaming Proxies

• 2 developments in London – CANARY wharf with Openroaming + WBA
• Strand area, Kings College London for openroaming

Ireland: The WBA are actively promoting OpenRoaming here in Dublin, they are working with the city council to make it available. It will be the first instance of it in Ireland but the WBA seem to be keen to push for more. I have heard nothing from our clients to suggest they are very interested in OpenRoaming, but there is increasing interest from our own management.
Basically, OpenRoaming is seen here as a PR “win”, and there may be a push to generate interest from clients.

Agenda (original item)

In principle, four non-trivial cases to consider:

• “ask”: eduroam (optional ToU) + add or don’t OpenRoaming (mandatory display of ToU)
• “ask-preagreed”: eduroam (optional ToU) + add or don’t OpenRoaming
• “always”: eduroam (optional ToU) + OpenRoaming (mandatory display of ToU)
• “always-preagreed”: eduroam (optional ToU) + OpenRoaming

geteduroam currently process only one “EAPIdentityProvider” element (while “in theory”, the XML could contain more than one inside its XML root element “EAPIdentityProviderList”).

• If we were to opt for making two independent entries, is compatible with existing app code, as the non-first entries are simply ignored.
• Having two entries means the meta-info “but the same client credential is valid for both, only ask once!” gets lost
• Havin two independent entries means no app users will /actually/ get OpenRoaming. So it may be desirable to cram both OpenRoaming and eduroam into one EAPIdentityProvider element after all.

If so:

• Getting “always” variants done is easy - can mingle all SSID and RCOI information into one single eap-config profile - and one ToU (which either concats OpR ToU info after eduroam or not) [note there is a pending bug about ToU occasionally NOT being displayed despite configured]

• Getting “user choice” done is difficult as UI code for that would be needed, but is not currently in the app. Possible that this is only supported on the famous “Android 11+” demarcation line. (possible workaround: two distinct profiles, one “with OpenRoaming” - geteduroam.app can display multiple profiles have the user choose between the two)

3c. There will be “OpenRoaming for NROs” and “OpenRoaming for IdP” pages on eduroam.org soon - those pages should include all information such as above.
(Stefan to work through those pages once more to include recent updates if any)

1. Update on hosted SP status/state of play

   • https://msp-pilot.eduroam.org (for pilot phase only; will probably rolled into common deployment https://hosted.eduroam.org in the future)
   • even after pilot to prod transition, RADIUS servers stay on stable addresses

2. Next VC

• 15 feb 2022, 1530 CET