[ietf78-tech] EDUroam connect request

Rob Nagy rob at deepdivenetworking.com
Thu Jul 8 09:03:29 PDT 2010 

Good point Chris. 
On the portal we could put a notice, but for WPA it is a real issue of education. Well, I will be prepared to do it, and we can decide when time allows.

Rob


On Jul 8, 2010, at 11:55 AM, Chris Elliott wrote:

> It is more work for the users if we don't have the EDUroam SSID, and we'll have to educate them that their EDUroam credentials will work on our SSID's, then un-educate them for Beijing.
> 
> chelliot aka Chris.
> 
> On Jul 8, 2010, at 11:48 AM, Rob Nagy <rob at deepdivenetworking.com> wrote:
> 
>> If they just want it for this meeting I would vote that we proxy and skip the additional SSID. Less headache in my opinion. 
>> 
>> Alice aka Rob
>> 
>> Sent from my iPhone
>> 
>> On Jul 8, 2010, at 11:44 AM, Chris Elliott <chelliot at pobox.com> wrote:
>> 
>>> If we use another SSID then we won't need to proxy the requests. Not that I'm a fan of additional ssid's either.
>>> 
>>> On Thu, Jul 8, 2010 at 11:38 AM, Rob Nagy <rob at deepdivenetworking.com> wrote:
>>> I agree as a nice to do. We should be able to radius proxy by realm for people who want to use eduroam credentials. The issue we couldn't probably port to Beijing is that I don't believe we could limit devices per user with a radius proxy realm(have to double check). But for this meeting it should be a fairly easy endeavor, time allowing.
>>> 
>>> I will do additional research in how we could do it with freeradius.
>>> 
>>> Rob
>>> 
>>> Sent from my iPhone
>>> 
>>> On Jul 8, 2010, at 11:19 AM, joel jaeggli <joelja at bogus.com> wrote:
>>> 
>>> > This sort of dovetails with my observation about using open-id auth as
>>> > an option for the portal...
>>> >
>>> > personally I'm adverse to simply creating more ssids, but not adverse to
>>> > the idea of enabling authentication against additional systems.
>>> >
>>> > On 2010-07-08 08:06, Jim Martin wrote:
>>> >>
>>> >> On Jul 8, 2010, at 10:59 AM, Geert Jan de Groot wrote:
>>> >>
>>> >>> It's not my call to make, I'm not sure if the 1252's
>>> >>> can handle the additional config (but should, yes?),
>>> >>> and I promised I'd forward the request to the list to see what you think?
>>> >>
>>> >>
>>> >>    I'd like to put this on the "Nice to do" list....
>>> >>
>>> >>    That is, if we have cycles and find that we can do it (logistically and technically), then it's a good thing to do.
>>> >>
>>> >>    However, if we're slammed or it hits any snags, it will be delayed or dropped.
>>> >>
>>> >>    Paul, are you ok with that?
>>> >>
>>> >>    On the technical side, would we have a separate (offsite) radius server configured for that one SSID, or would we relay the request (based upon realm or something) from our radius server to theirs?
>>> >>
>>> >>    - Jim
>>> >>
>>> >>
>>> >>
>>> >>
>>> >> _______________________________________________
>>> >> ietf78-tech mailing list
>>> >> ietf78-tech at daedelus.com
>>> >> http://www.daedelus.com/mailman/listinfo/ietf78-tech
>>> >
>>> > _______________________________________________
>>> > ietf78-tech mailing list
>>> > ietf78-tech at daedelus.com
>>> > http://www.daedelus.com/mailman/listinfo/ietf78-tech
>>> _______________________________________________
>>> ietf78-tech mailing list
>>> ietf78-tech at daedelus.com
>>> http://www.daedelus.com/mailman/listinfo/ietf78-tech
>>> 
>>> 
>>> 
>>> -- 
>>> Chris Elliott
>>> chelliot at pobox.com
>>> 

Robert Nagy
- - - - - - - - - -
Senior Dive Master | Deep Dive Networking Inc
p: 408.480.5133 | aim/icq: 95091173 | e:rob at deepdivenetworking.com
www.deepdivenetworking.com

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.daedelus.com/pipermail/ietf78-tech/attachments/20100708/9416d041/attachment.html

More information about the ietf78-tech mailing list