eduroam Development VC Minutes 2024-01-16 1530 CET
Attendance
Attendees
- Stefan Winter (Restena)
- Anders Nilsson (SUNET)
- Stefan Paetow (Jisc)
- Maja Górecka-Wolniewicz (PSNC)
- Zenon Mousmoulas (GRNET)
- Ed Kingscote (CANARIE)
- Chris Phillips (CANARIE)
- Janfred Rieckers (DFN)
- Tomasz Wolniewicz (PSNC)
- Mike Zawacki (Internet2)
- Janos Mohacsi (KIFÜ)
- Maxime Houlbert (Renater)
- Christian Rohrer (Switch)
- Wenche Backman-Kamila (CSC/Funet)
- Paul Dekkers (SURF)
- Guy Halse (TENET) [late]
- Ed Wincott (Jisc)
Regrets
- Halil Adem (GRNET)
Agenda / Proceedings
Welcome / Agenda Bashing
geteduroam: patchlevel updates, feedback?
- https://github.com/geteduroam/apple-app/issues/86#issuecomment-1892542868 (update to 2.0 ignores/disables the config from previous installs )
- encrypted TLS certificates from hosted eduroam with certs with pin protected certs (item being worked on as of Jan 16)
- issues are known and taken care of by the team
- (iOS) forgotten profiles during update 1.x to 2.0: need to live with, communication problem, not code; within 2.x release train, should not happen
- Let’s keep track of the neuralgic spots we saw in this release and test for those same issues going forward (normal test plan refinement)
- automated testing? Difficult.
- Share the tests that have been run in earlier releases -> checklist for future releases.
- Needs volunteers - testing can not be a one-man job. (CP:+1… diversity in testing and a checklist at a known location and dated given things change surprisingly rapidly)
CAT feature requests
- Add a CAT API call for all info about a federation: combination of DATADUMP-FED and existing STATISTICS-INST calls (maybe an extension to STATISTICS-FED?)
See https://github.com/GEANT/CAT/issues/291 - Read-only mode for fed admins
- show/warn expired intermediate or root CAs in admin mode (code complete, pending rollout)
- ideally, enforce that anon outer ID is set when IdP wants to enable OpenRoaming support (this happens on the supplicant? check the IdP if anonymous auth is supported?)
See https://github.com/GEANT/CAT/issues/290
- Add a CAT API call for all info about a federation: combination of DATADUMP-FED and existing STATISTICS-INST calls (maybe an extension to STATISTICS-FED?)
eduroam database location info
- review the eduroam database requirements for location precision and the use of polygons for location data
- there is support for polygons (but is it used at all?)
- how accurate are the datapoints, privacy vs. need for accuracy
- For context, Internet2 presented the following request drafted by the eduroamUS advisory committe: https://docs.google.com/document/d/1TJzxy7PTOCDbrSMlI1KSOMdxVXb5kEEA_IHHEAnEfwQ/edit
- Nicole Harris’ response paper: https://docs.google.com/document/d/10_G_lrDZ0vAOkpoX6SH1mrCL7oM_zwiu9TeGdkpJFi4/edit?pli=1
IETF / EAP-FIDO updates
- EAP-FIDO: dns-dir, FIDO Alliance liaison replies pending
- radext: TLS-PSK is in last call; open Q: status of document
OpenRoaming
AOB / next VC
- 30 Jan 2024, 1530 CET