[ietf78-tech] EDUroam connect request

Thu Jul 8 09:56:42 PDT 2010

On 2010-07-08 09:31, Paul Dekkers wrote:
> Hi,
>
> On 8 jul 2010, at 17:06, Jim Martin wrote:
>
>> On Jul 8, 2010, at 10:59 AM, Geert Jan de Groot wrote:
>>
>>> It's not my call to make, I'm not sure if the 1252's can handle
>>> the additional config (but should, yes?), and I promised I'd
>>> forward the request to the list to see what you think?
>>
>>
>> I'd like to put this on the "Nice to do" list....
>>
>> That is, if we have cycles and find that we can do it (logistically
>> and technically), then it's a good thing to do.
>>
>> However, if we're slammed or it hits any snags, it will be delayed
>> or dropped.
>>
>> Paul, are you ok with that?
>
> Sure, it's nice that you're considering it! And I'm happy to assist
> to make this work if you agree on having an eduroam network :-)
>
>> On the technical side, would we have a separate (offsite) radius
>> server configured for that one SSID, or would we relay the request
>> (based upon realm or something) from our radius server to theirs?
>
> You could relay all authentication from the eduroam SSID to one of
> our servers at SURFnet, that would keep your existing RADIUS config
> simple. Though the proxying from your servers (freeradius, I
> understand) is not very difficult to setup either.
>
> Regarding the SSID: for eduroam it's very important that the SSID is
> "eduroam", broadcasted, and encryption is indeed WPA(2)-Enterprise:
> the concept is that people already configured their clients to use
> the eduroam network with their (university, ...) credentials, and
> they just open up their laptops and it works: open access.

Right and that's yet another beacon frame at roughly 100ms intervals on 
both a and b channels times ~60 aps with two radio's each, I'm all for 
having the number of ssids that we need in total to support the client 
and role segmentation necessary to run the network, but not more than 
that. we already know that a number of devices have finite number of 
slots either in their devices drivers or firmware for the number of 
beacons they're prepared to cache before ejecting some.

> If the
> SSID is different, people have to reconfigure at every hotspot they
> want to use: not very convenient, apart from the fact that they
> probably forgot what they had to configure. (And their own helpdesk
> could be on the other end of the globe...)
>
> I think technically it's rather trivial: one SSID "eduroam", and I
> assume that only people that have it configured will use it: the rest
> won't be bothered by it. I'm really curious how many people will
> indeed use it. (But I'm quite sure there will be users, if eduroam is
> there.)

> Regards, Paul
>
> _______________________________________________ ietf78-tech mailing
> list ietf78-tech at daedelus.com
> http://www.daedelus.com/mailman/listinfo/ietf78-tech
>