Draft minutes of the 20th TF-Mobility Meeting
|
|
- Victor Preston
- 6 years ago
- Views:
Transcription
1 Page 1/12 TITLE / REFERENCE Draft minutes of the 20th TF-Mobility Meeting 20 th TF-Mobility and Network Middleware Meeting - Tuesday, 20 October 2009 CNR Via dei Taurini, 19, Rome, Italy. The meeting was hosted by GARR. Table of Contents 1. Welcome and Apologies Approval of Agenda Minutes of Last Meeting and Update of Action List...2 Minutes...2 Actions from Previous Meetings National Updates...3 Finland...3 The Netherlands...3 Australia/New Zealand...4 Germany...4 Croatia...4 Luxembourg...5 Sweden...5 United States of America...5 Japan...5 Canada...6 France...6 Austria...6 Spain...6 United Kingdom...6 Poland Progress on Work Items Standardisation process Support for the development of the next generation eduroam Location awareness DNSSEC Integration with other operators Metering and monitoring Sensor and mesh networking Liaison with GN2/GN Cooperation with other initiatives New mobile technologies Global Eduroam Group Hosting organizations in eduroam Requirements for tunneled EAP-methods AMeN (Active Monitoring eduroam Node) DNSSEC experiences at SURFnet Date of Next Meeting AOB and Close... 10
2 Page 2/12 1. Welcome and Apologies Klaas Wierenga welcomed everyone to the meeting. Apologies were recorded on the event registration page and consisted of Kurt Baumann (SWITCH), Anders Nilsson (SUNET/Umeå University) and Roland van Rijswijk (SURFnet). 2. Approval of Agenda The agenda was approved as circulated. 3. Minutes of Last Meeting and Update of Action List Minutes The minutes of the last meeting held on the 7 th May 2009 were approved without corrections and are available at Actions from Previous Meetings Reference Who Action Status Milan Circulate information on the procedures needed to DNSSEC sign eduroam.org This task is to be carried over and have input from Dyonisius Visser at TERENA who is responsible for other DNSSEC work within the TERENA DNS structure Diego Ask Glen Wearen to report on Irish 3G deal and identity management issues. Glen is not in attendance and this action will be carried over to the next meeting Milan Draft a short paper on DNSSEC uses, and circulate on TF- Mobility mailing list Kurt Identify sensor and mesh networking activities, and find out what their technical requirements are TERENA TERENA to establish Global eduroam mailing list with known eduroam administrative contacts. Malaga BoF resulted in the mailing list - and paper completed by Roland (SURFnet). Roland to be approached by Brook to take over the responsibility of this work item. Klaas has conversed with Kurt regarding sensor + mesh networks. A small trial is being setup by SWITCH but not much sensor related information at this point. Have Kurt report in a future meeting or via the mailing list. This has been completed - list registration information available at the list of eduroam GWG members from the AARNet maintained list has been migrated. [ACTION ] Brook to establish an archive of the GWG mailing list if it doesn't exist already.
3 Page 3/ Klaas, Hideaki Sone and Bob Send known eduroam administrative contacts to Kevin Meynell Known contacts have been added to eduroam GWG. There is currently no "official" contact for the United States of America. Morgan Stefan Circulated eduroam specifications document on Global eduroam mailing list. MoU new version in progress - there will be a few more weeks before completion. James Sankar provided a lot of feedback. WPA2 "must" is still an issue Klaas Setup conference call on u. Carried over to the next meeting [ACTION ] Klaas to follow up on action items prior to the next TF-Mobility meeting. 4. National Updates Finland Wenche Backman gave the report via Video Conference and a summary via . We have configured our top level RADIUS to support RadSec and our NRO (Arch Red) has RA-status for edugain sca. We have urged our organisations to provide eduroam database related information. When we obtain this information, I will change the encryption level enc_level -tag from enc_level1 to the real value. In the meantime I changed it to unknown. enc_level1 is the value that is present in the template. We have signed a Memorandum of Understanding (MoU) with a roaming community in the city of Tampere. This roaming community has one SSID for web-based authentication and one SSID for WPA. Our national roaming service (which allows webbased authentication) has been connected to this roaming community. Furthermore, according to the MoU, we will investigate possibilities to connect the roaming community to eduroam in a one-sided fashion. This means that the roaming community would be ready to provide eduroam at their hot-spots without expecting anything in return. This is a VERY generous offer but unfortunately most of their current base stations do not support multiple SSIDs. During the summer another of our organizations (Helsinki University of Technology) joined eduroam Identity provision of eduroam is very high - use of the SSID. The Netherlands Paul Dekkers reported on progress in the Netherlands. Migrating institutions from WEP to WPA and using the "eduroam" SSID. Institutions are switching but not telling SURFnet. Some advantages - communications with people are the biggest issue. SecureW2 "re-licensing" is problematic. Developing a Access controller with lightweight access points in institutions so that they don't have to provide this service. Ideal for conferences. There is a selection of equipment that is being trialled. This will be a costed service.
4 Page 4/12 Equipment has been selected - and is being purchased - this will allow the presentation to be longer. eduroam in city of Groningen, with multiple universities, but the problem is they use the SSID "Eduroam" rather than "eduroam" (Upper case E vs lower case e) to enforce network- and VLAN-switching. Collaboration and sharing infrastructure seems better. The network can be resold to other providers. KPN are providing a free wireless infrastructure for visitors etc at the hospitals. But this weakens the business case for putting in eduroam and users are subject to the commercial operator which may change from "free". Australia/New Zealand Alex Reid reported on the eduroam activities in Australia and New Zealand 28 institutions now connected - coverage of 2/3rd are eduroam enabled. Usage has tripled over the year - high use at conference locations. Now have connectivity around Brisbane - Bus' are eduroam enabled and the Ferries are enabled thanks to a diffrent university. end-to-end monitoring being worked on. User Centric Website being developed. Port based pricing service is now available for flat rate 10Mb/s + 100Mb/s service to be used for shared/collaborative services (such as eduroam traffic) as AARNet provide both peered and commodity internet access. [ACTION ] Brook to discuss eduroam.org website updated with Daniel/Marcus from Australia regarding their User Centric Website. Germany Jurgen reported the following. DFN is still using German Language for the Instituiton names for the local map. The mapping service uses UTF-8. Slow with the maintenance of the monitoring service - as there is a map that can be maintained via the website. There are some issues 166 campus' on the DFN. 130 instituions represented. There is grouping/clustering of the maps. You can zoom to see different levels of the map. An operational meeting was held recently: RadSecProxy being used at the national level and 18 institutions using RadSec. Some transformation is manual. Reported on SecureW unique international roaming people per month. Have talked with T-Mobile regarding eduroam. eduroam couldn't be used but a deal has been brokered to use your institutional authentication for 3G/Data services (it is similar to the ipass model). Croatia Miro reported on Croatian eduroam work. There are several service locations where lightweight access points are used. Migrating to WPA2 is an issue regarding communication and similar issues. Wanting to increase the number of service locations. CARNET has a deal with mobile operators and get a 50% discount on UTMS.
5 Page 5/12 Use your AAI credentials for this service. 50% of Croation members were aware of eduroam (from GEANT study). 600,000 people have eduroam access. Only 36 locations with eduroam country wide. [NOTE] For information on the GEANT user segmentation study 2008 visit It is intended to be made available to NRENs and to GEANT project participants responsible for developing and delivering services and end-user support. Contact at DANTE for more information is Anna Everitt. Luxembourg Stefan Winter reported on eduroam in Luxembourg 1500 logins per day. City wide WiFi with eduroam (at no charge) provided by a commercial operator. Commercial access is 1 month access is 15 for the city wifi (comparible with 3G service costs for a month) which isn't very popular. The realestate for the location that they have wireless access points is being used for other services such as surveillance cameras so there is an income stream as an alternative to wifi costs. Sweden Torbjorn reported on his understanding of eduroam in Sweden. 25% to 30% of the members. This represents 80% of the student population. Incorporation of roaming with the other stakeholders. United States of America Bob 'RL' Morgan reported on activities in the US. The US lags behind in the adoption of eduroam. A CIO from Case Western Reserve University attended the NORDUnet conference and was sold on the idea of eduroam (by Klaas). A group has been setup of technical people to discuss what would be required to support eduroam as a service. The barriers previous remain but are being discussed. Organisations have done other things to support wireless. Some CIOs thought that this was connected to Web-based federations and didn't know that it was 802.1X based. Many sites are interested in participating and experimenting in this. There is a in principal commitment to have 50 US institutions connected within 12 months. Japan Hideaki Goto reported on eduroam in Japan during his presentation on "Hosting organizations in eduroam". Less than 1% of target institutions currently offer eduroam and this presentation will be to increase the number of deployments.
6 Page 6/12 Canada Jens Haeusser reported on eduroam.ca activity. Canada has talked with the US to help kickstart US eduroam US CIOs have pledged to get 50 universities connected by fall '10. Canada is willing to host US universities as a interim step Jeff Gumpf, Chief IT Architect, Case Western Reserve (technical lead US eduroam) 16 of 48 Universities in Canada now connected (mostly in the West). 11,000 Canadian, 6,000 International logins in September. 6 more sites expected in the next 6 months. eduroam was a standalone effort by BCNet, now transitioning to the Canadian Access Federation. Consultant doing a future study for the CAF - eduroam future will be tied to that effort. France Report by Olivier. 19 IdP and connections per day (not divided between national/international). Austria Kurt reported on ACOnet eduroam activity. "most" of the major universities are members A technical committee is working together to provide mapping information so that they'll be better represented. Spain Jose Manuel reported on RedIRIS work. Preparing data for the eduroam database. Create an interface for people to enter their data. Replace the radius only with RadSec as an option for interfederation. SecureW2 issues is also a problem. This will be disscussed at the next RedIRIS user conference. [ACTION ] Brook to discuss the "interface" to create mapping data and see about integrating this with the SURFnet solution discussed in line with website changes at GN3 Symposium. United Kingdom Mark O'Leary provided some information via . A full report will be ed to TF- Mobility mailing list. "One highlight to pass on is that I currently have 4 MSc students working on webbased 3D visualisation of JRS roaming logs (flight map style), code we'll be glad to pass on." Poland Zbigniew Oltuszyk provided a report on the Polish national update. 28 Polish institutions are active in eduroam The regional structure (with regional proxiex) has been established All connections between regional proxies and the Polish national ones are on RadSec We are in the process of buying wireless equipment for 21 Polish institutions, that will establish well accessible eduroam hotspots.
7 Page 7/12 After the national updates there was a discussion of many of the issues raised. Jens announced a promotion within Canadian eduroam institutions to Home before you roam" which doesn't cut down on all problems but if it doesn't work at your home institution it definately won't work elsewhere. Open Access points still exist in addition to eduroam/secure APs - UBC points users to the "Cloudpath client" if they connect on the open network and suggest they install it to streamline connection to the secure eduroam 802.1X by telling people "You should do this securely the next time 'round." 5. Progress on Work Items 5.1 Standardisation process Stefan reported on "Multi-Domain User Applications Research Task 1: Roaming developments" (nee JRA3/T1). Which touched on Standardisation and GN2/GN3 Liaison. The document has expanded from a single document to many (see slide 3). IPR issues regarding additions to FreeRADIUS (TCP transport for FreeRADIUS) slowed its integration into the development branch of FreeRADIUS. TLS addition is expected soon. Slides are available at: Support for the development of the next generation eduroam This topic was integrated into other discussions. 5.3 Location awareness Mark O'Leary wasn't able to attend. Discussion will continue on the mailing list with a report at the next meeting. 5.4 DNSSEC Milan summarised the discussion that was held at the DNSSEC BoF at TNC2009. SURFnet + Roland is very active in this area since the BoF held at TNC2009. A mailing list has been setup Paul Dekkers detailed a need for the improvements in the tools for DNSSEC which historically have been limited so work on OpenDNSSEC is important and will lead to services that institutions can use/deploy. Paul stated that the threat of an insecure DNS is real - so this added level of protection would be useful within the community. Presentation to follow. Jens stated that until their is a date at which DNSSEC is req'd that people still won't do it. Bob hoped that early adopters would build out a network that will show where the rough edges are and the problems so that it is easier for others in the future. Diego announced the Quality (equal) group that TERENA is organising and how it could assess DNSSEC. As the discussion followed Quality there were comments from Paul regarding TF-CSIRTs - eduwhitelist effort and whether equal will investigate something like DKIM and SPF.
8 Page 8/12 Klaas returned the discussion to DNSSEC by stating that ALL MTAs will be DNSSEC enabled and with the resolver on the MTA supporting DNSSEC there would be a start to the "chicken and egg problem". Some countries have secondary level domains - such as.ac.uk,.ac.jp and.edu.au and this would make it easier for DNSSEC to be implemented for these Research, Education and Academic divisions. Many representitives were working with their country domain registrar to have DNSSEC provided. There was a discussion to DNSSEC eduroam.org and hand out domains for dynamic peer discovery under this secured domain. Milan stated that DNSSEC + RADSEC aren't needed together. Jens highlighted the fact that RADSEC negates the need for DNSSEC and you don't want to make the implementation more difficult. Milan reinterated that Domain Administration and Certificate/Metadata trust are two different administrative domains. Thus the discussion on using the same key for signing the DNS record and federation metadata isn't relevant. Some potential use cases presented: Dynamic Peer Discovery within eduroam. Mail as an application. Metadata discovery via SRV records. Key Distribution via DNSSEC. These use cases can be further developed by anyone (as per the following action). [ACTION ] All to produces good use-cases for DNSSEC implementations. To discuss later today and circulate on the BoF-DNSSEC@terena.org mailing list. 5.5 Integration with other operators There was no specific coverage of this topic. 5.6 Metering and monitoring Miro presented on the topic of Metering and Monitoring. The slides are available at: [ACTION ] Brook to put this Metering and Monitoring effort on the radar of the Dutch (Michael Rave), Canadian and Australian efforts to do the same. Report back at next meeting. 5.7 Sensor and mesh networking Kurt was absent from the meeting. 5.8 Liaison with GN2/GN3 This was covered by Stefan's presentation earlier in the day. 5.9 Cooperation with other initiatives There was some discussion throughout the day with respect to City WiFi efforts and integrating
9 Page 9/12 eduroam with these services New mobile technologies Information on u will be discussed on the mailing list with a view to have a presentation at a future meeting. 6. Global Eduroam Group 7. Hosting organizations in eduroam Hideaki Goto reported on 3 methods they are investigating regarding eduroam deployment in the wider UPKI federated environment of Japan. Looking at a mechanisms to devolve the federation of potentially 10s of thousands of APs around the country. Much discussion was generated by this presentation, mostly surrounding whether an open proxy is permissable in an eduroam federation. Most discussion surrounded QA issues and the need for individual certificates or shared-secrets to enable revocation at a future date. Klaas was encouraged by the work of Japan in this regard. The provisioning of service providers (SPs) via this mechanism and the use of a system like this for University level delegation would also be useful. [ACTION ] Minimum requirements for generating SP configurations in an eduroam federation. The slides are available at: Mobility-20th-HGoto.pdf 8. Requirements for tunneled EAP-methods Stefan Winter reported on EAP methods. Discussion around the suitability of the channel bindings and TTLS-PAP. It isn't that PAP is bad - but that there is an added risk. The channel binding allows for mutual authentication for the inner and tying the inner and outer authentication channels. Summary is on slide 6. The slides are available at: mobility/meetings/20/tf%20mobility%2020%20- %20EAP%20Tunnel%20Requirements%20Overview.pdf 9. AMeN (Active Monitoring eduroam Node) Michael Rave of SURFNet presented on the topic. The system will add an additional layer of monitoring (functional testing) by adding nodes as clients to attempt to "use" eduroam in the way a real person would. Wireless access points and routers or embedded device. Brook mentioned that the Australian eduroam Project Group is doing some similar work. [ACTION ] At the suggestion of Diego the eduroam.org website should have a portion devoted to projects that are doing work relating to eduroam (such as this). The slides are available at: EN-TF-Mobility-final.pdf
10 Page 10/ DNSSEC experiences at SURFnet Paul Dekkers of SURFnet presented an extensive explaination of DNS attack vectors and how DNSSEC can be used to to mitigate against these attacks. A white paper is available here: (nu means now in Dutch) The slides are available at: Klaas posed the question from this mornings DNSSEC discussion: "Has anyone found the killer application that makes DNSSEC attractive as a service?" Stefan propased a case for ISPs to have DNSSEC because banks could DNSSEC sign their DNS records to reduce phishing/pharming. There was mention of certificate revocation lists using DNS. This makes the TERENA.org domain more important for DNSSEC to ensure that the CRL can be guaranteed. Milan made the point that protocols were designed to work with insecure DNS (if those protocols have a security requirement) and that DNSSEC doesn't offer end to end security. DNSSEC could be used for lightweight PKI distribution for dynamic peer discovery. 11. Date of Next Meeting February 15th with a tentative location of Vienna. 12. AOB and Close Diego Lopez presented on GEMBus. Slides are available at: The meeting closed at 18:15. (Minutes published 27 th October 2009) Action List Reference Who Action Status Brook Establish an archive of the GWG mailing list if it doesn't exist already Klaas Follow up on action items prior to the next TF- Mobility meeting Brook Discuss eduroam.org website updated with Daniel/Marcus from Australia regarding their User Centric Website Brook Discuss the "interface" to create mapping data and see about integrating this with the SURFnet solution discussed in line with website changes at GN3 Symposium All Produce good use-cases for DNSSEC implementations. To discuss later today and circulate on the BoF-DNSSEC@terena.org mailing list Brook Put this Metering and Monitoring effort on the radar
11 Page 11/12 of the Dutch (Michael Rave), Canadian and Australian efforts to do the same. Report back at next meeting Hideaki Goto, Minimum requirements for generating SP configurations in an eduroam federation. Brook Brook At the suggestion of Diego the eduroam.org website should have a portion devoted to projects that are doing work relating to eduroam (such as this). List of Participants First Name Last Name Affiliation Wenche Backman CSC/Funet Kurt Bauer ACOnet Paul Dekkers SURFnet Licia Florio TERENA Hideaki Goto NII / Tohoku University Mehdi Hached RENATER Jens Haeusser Canadian Access Federation/UBC Nicole Harris JISC Collections Avgust Jauk ARNES Simon Leinen SWITCH Diego Lopez RedIRIS José-Manuel Macías RedIRIS Miroslav Milinovic Srce RL 'Bob' Morgan Internet2 / InCommon / University of Washington Zbigniew Oltuszyk PIONIER Dubravko Penezic Srce Jaime Perez RedIRIS Juergen Rauschenbach DFN-Verein Michael Rave SURFnet Alex Reid AAF, AARNet, UWA Olivier Salaün CRU Brook Schofield TERENA Hideaki Sone NII / Tohoku University Milan Sova CESNET Joost van Dijk SURFnet Torbjörn Wiberg Umeå Universitet/SWAMI Klaas Wierenga Cisco Systems Mark Williams JISC Collections Stefan Winter RESTENA Tomasz Wolniewicz PIONIER
12 Page 12/12
GN2 JRA5: Roaming and Authorisation
GN2 JRA5: Roaming and Authorisation Jürgen Rauschenbach, DFN TF-NGN Athens 03/11/05 Introduction JRA5 builds a European Roaming Infrastructure (eduroamng) taking into account existing experience from the
More informationMinutes of the 23rd TF-Mobility & Network Middleware Meeting
Page 1/8 TITLE / REFERENCE 23 rd TF-Mobility and Network Middleware - Wednesday, 16 February 2011 Lyon, France. The meeting was hosted by the University of Lyon and CRU. Table of Contents 1. Welcome and
More informationMinutes of the 25th TF-Mobility & Network Middleware Meeting
Page 1/7 TITLE / REFERENCE 25 th TF-Mobility and Network Middleware - Wednesday, 9 th November 2011 Bologna, Italy. The meeting was hosted by GARR. Table of Contents 1. Welcome and Apologies... 1 2. Approval
More informationSummary of Actions. Reference Who Action Status
Page 1/5 TITLE / REFERENCE Minutes of the 30 th TF-Mobility & Network Middleware 30 th TF-Mobility and Network Middleware 14 th & 15 th February 2013 Vienna, Austria. The meeting was hosted by the Fachhochschule
More informationResults from the EARNEST Technical Study
EARNEST Workshop, Amsterdam, 8 May 2007 Results from the EARNEST Technical Study Licia Florio, TERENA florio@terena.org Agenda Technical study Lower layers preliminary results Middleware preliminary results
More informationJRA5: Roaming and Authorisation
JRA5: Roaming and Authorisation Jürgen Rauschenbach, DFN-Verein 7 th TF-EMC2 Meeting, Malaga 16 17 October 2006 Introduction JRA5 will build a European Roaming Infrastructure based on eduroam JRA5 will
More informationilight/gigapop eduroam Discussion Campus Network Engineering
ilight/gigapop eduroam Discussion Campus Network Engineering By: James W. Dickerson Jr. May 10, 2017 What is eduroam?» eduroam (education roaming) is an international roaming service for users in research,
More informationIntroduction to eduroam
Introduction to eduroam eduroam (education roaming) is the secure, world-wide roaming access service developed for the international research and education community. Poll Brief History eduroam initiative
More informationTF-EMC2 Meeting March Florence, Italy
TF-EMC2 Meeting 28-29 March Florence, Italy Introduction Diego opened the meeting and welcomed the participants. SCS updates Guy Guy gave an update on the SCS service. There were some recent changes within
More informationTF-EMC2 Meeting: 3-4 December 2008 Utrecht, the Netherlands Licia Florio. Table of Contents
TF-EMC2 M IN U TES Page 1/9 TITLE / R EFERENCE: V.01 TF-EMC2 Meeting: 3-4 December 2008 Utrecht, the Netherlands Licia Florio Table of Contents 1. Welcome...1 2 TF-ECM2 Work Items presentations...1 2.1
More informationMobility Workshop TERENA, Amsterdam March 06, Meeting report by: Licia FLORIO, TERENA March 12, Participants List
Mobility Workshop TERENA, Amsterdam March 06, 2002 Meeting report by: Licia FLORIO, TERENA March 12, 2002 Participants List Carsten Bormann Universität Bremen TZI Valentino Cavalli TERENA Martin Dunmore
More informationGN2 JRA5: Roaming and Authorisation - recent results
GN2 JRA5: Roaming and Authorisation - recent results Jürgen Rauschenbach (DFN), Klaas Wierenga (SURFnet), Diego Lopez (RedIRIS), Content Overview Roaming infrastructure AAI Structure and Partners JRA5
More informationMinutes of the REFEDS Fall Meeting, 5 th September 2012, Utrecht
DOC VERSION: 0.1 DATE 05 SEPTEMBER 2012 PAGE 1/8 06/09/12 TITLE / REFERENCE: REFEDS-20120905 Minutes of the REFEDS Fall Meeting, 5 th September 2012, Utrecht Licia Florio and Nicole Harris Abstract: Table
More informationCross-organisational roaming on wireless LANs based on the 802.1X framework Author:
Cross-organisational roaming on wireless LANs based on the 802.1X framework Author: Klaas Wierenga SURFnet bv P.O. Box 19035 3501 DA Utrecht The Netherlands e-mail: Klaas.Wierenga@SURFnet.nl Keywords:
More informationGN4-2 SA2 Kick-Off Meeting Amsterdam/NL 30/
GÉANT edupki Serving GÉANT Services GN4-2 SA2 Kick-Off Meeting Amsterdam/NL 30/31.05.2016 Reimer Karlsen-Masur, DFN-CERT Services GmbH Slides & Related Materials @ https://www.edupki.org Outline The 3
More information1.3 More information about eduroam is available at the relevant eduroam Service Provider (ESP) website detailed in Schedule 1 of this document.
1.0 Background to this document 1.1 This document sets out guidelines that cover the control of the supply and receipt of Internet access for educational purposes, that is primarily (but not exclusively)
More informationIntroduction to eduroam
SLIDE 1 - COPYRIGHT 2015 Introduction to eduroam LEARN eduroam Workshop 6 th May 2016 2 SLIDE 2 - COPYRIGHT 2015 Introduction Paul Hii Australia s National Research and Education Network (NREN) UC & Video
More informationConnect. Communicate. Collaborate. GN2 JRA5 update. Jürgen Rauschenbach (DFN), JRA5 team 04/02/08 Marseille. JRA5 Team
GN2 JRA5 update Jürgen Rauschenbach (DFN), JRA5 team 04/02/08 Marseille eduroam Working on the eduroam database and a new dissemination look (maps) RadSec release 1.0 Beta is out - reasonable stable and
More informationeducation federation CUC 2005, Dubrovnik High-quality Internet for higher education and research
eduroam: towards a pan-european research and education federation CUC 2005, Dubrovnik Klaas.Wierenga@surfnet.nl Contents Introduction to federations Federations for education Network access: eduroam Application
More informationTF-VVC is not directly related with any of the GN2 JRA s, but in some activity areas the task force is collaborating with the GN2 JRA1 and JRA5.
TF-VVC (Voice, Video and Collaboration) http://www.terena.nl/tech/task-forces/tf-vvc/ TF-VVC task force is the successor of TF-Netcast task force, which completed its work in the spring of 2004. TF-Netcast
More informationDeliverable DJ Inter-NREN roaming technical specification document
22.06.06 Deliverable DJ5.1.4: Inter-NREN roaming technical specification document Deliverable DJ5.1.4 Contractual Date: 31/01/06 Actual Date: 22/06/06 Contract Number: 511082 Instrument type: Integrated
More informationeduroam und andere Themen in GN2-JRA5
eduroam und andere Themen in GN2-JRA5 DFNRoaming Workshop Stuttgart 30 November 2006 Jürgen Rauschenbach, DFN-Verein, jrau@dfn.de Inhalt Das GÉANT2 Projekt JRA5 Visionen Was sind Föderationen? eduroam
More informationREFEDS Minutes, 22 April 2012
DOC VERSION:0.1 DATE: 24/04/12 PAGE 1/6 title / reference:refeds-minutes-120422 REFEDS Minutes, 22 April 2012 Licia Florio and Nicole Harris Abstract: Minutes of the REFEDS BOF held in conjunction with
More information16 th TF-EMC 2 Meeting - Wednesday, 22 nd September 2010 Copenhagen, Denmark. The meeting was hosted by WAYF.dk.
Page 1/9 TITLE / REFERENCE Minutes of the 16th TF-EMC 2 Meeting 16 th TF-EMC 2 Meeting - Wednesday, 22 nd September 2010 Copenhagen, Denmark. The meeting was hosted by WAYF.dk. Table of Contents 1. Welcome
More informationREFEDS Year End Report 2015
DOC VERSION: V1.0 DATE: 5 FEB 2016 PAGE 1/12 title / reference: REFEDS Year End Report 2015 Licia Florio, Nicole Harris Abstract: This report provides an overview of the work carried out by REFEDS during
More informationVictoriano Giralt welcomed the participants on behalf of the University of Malaga. Introduction and ECAM announcement (Diego Lopez)
7 th TF-EMC2 Meeting October 16 17, 2006 Malaga, Spain Welcome Victoriano Giralt welcomed the participants on behalf of the University of Malaga. Introduction and ECAM announcement (Diego Lopez) Diego
More informationUsing tunnels and three party authentication to improve roaming security
Supported by the Walloon Region Using tunnels and three party authentication to improve roaming security Damien LEROY UCLouvain - Belgium IP Networking Lab - http://inl.info.ucl.ac.be BELNET Security Conference
More information3 rd TF-Netcast Meeting 14 May 2003 via H.323 video conference
3 rd TF-Netcast Meeting 14 May 2003 via H.323 video conference Issue 1, 16 May 2003 Author: Baiba Kaskina, Dan Mønster Participants: Alessandro Falaschi University of Roma Franca Fiumana CINECA Ernst Heiri
More informationNext-Generation Identity Federations. Andreas Åkre Solberg
Next-Generation Identity Federations Andreas Åkre Solberg Identity Federations GÉANT3 JRA3 Task 2 Solving current challenges, and exploring next generation Identity Management Systems. 3 Research Activity
More informationIPv6 Deployment in European National Research and Education Networks (NRENs)
IPv6 Deployment in European National Research and Education Networks (NRENs) Tim Chown University of Southampton, UK tjc@ecs.soton.ac.uk SAINT2003 Workshop, 27 January 2003 IPv6 rationale IP is fundamental
More informationTechnical Sub-Study Areas
Technical Sub-Study Areas Transmission Technologies Equipment evolution, next-generation standards, transmission protocols & fibre provisioning. Control Plane Technologies Switching & routing matrices
More informationScottish Wide Area Network (SWAN) update & Partnership Connectivity
Scottish Wide Area Network (SWAN) update & Partnership Connectivity Scotland NHS-HE Forum 27 th October, 2016 Andrew Howe, University of St Andrews Ron MacDonald, National Services Scotland Partnership
More informationGN3 PROJECT. Karel Vietsch, TERENA GN3/NA3/T4 Campuses Best Practice meeting, Trondheim, May connect communicate collaborate
GN3 PROJECT Karel Vietsch, TERENA GN3/NA3/T4 Campuses Best Practice meeting, Trondheim, 27-28 May 2009 History 2000-2004: GN1 project GÉANT network 2004-2009: GN2 project GÉANT2 network Other services
More informationGÉANT Community Programme
GÉANT Community Programme Building the community Klaas Wierenga Chief Community Support Officer GÉANT Information day, Tirana, 5 th April 1 Membership Association = very large community to serve GÉANT
More informationAARC Overview. Licia Florio, David Groep. 21 Jan presented by David Groep, Nikhef.
AARC Overview Licia Florio, David Groep 21 Jan 2015 presented by David Groep, Nikhef AARC? Authentication and Authorisation for Research and Collaboration support the collaboration model across institutional
More informationEAPlab the ultimate EAP testing facility developed within the SENSE project
EAPlab the ultimate EAP testing facility developed within the SENSE project Tomasz Wolniewicz (PSNC & Nicolaus Copernicus University) TF-MNM 16 Apr 2015 EAPlab what is it? Testing environment
More informationTERENA 2 nd School-NET Workshop
TERENA 2 nd School-NET Workshop Connecting Schools Status in Luxembourg Stefan Winter London, 24 October 2005 Outline Introduction: RESTENA, CTE, P&T Connectivity network backbone
More informationNew Windows build with WLAN access
New Windows build with WLAN access SecRep 24 17-18 May 2016 Ahmed Benallegue/Hassan El Ghouizy/Priyan Ariyansinghe ECMWF network_services@ecmwf.int ECMWF May 19, 2016 Introduction Drivers for the new WLAN
More informationEUMEDCONNECT3 and European R&E Developments
EUMEDCONNECT3 and European R&E Developments David West DANTE 17 September 2012 INTERNET2 Middle SIG, Abu Dhabi The Research and Education Network for the Mediterranean Covering GEANT Other regional network
More informationORCID UPDATE. JISC Workshop, 16 June 2017
ORCID UPDATE JISC Workshop, 16 June 2017 Imagine a world where: You could search the internet and find all of a researcher s work with a single query in any browser You could auto-populate standard publication
More informationIEEE 802.1x, RADIUS AND DYNAMIC VLAN ASSIGNMENT
IEEE 802.1x, RADIUS AND DYNAMIC VLAN ASSIGNMENT Hüseyin ÇOTUK Information Technologies hcotuk@etu.edu.tr Ahmet ÖMERCİOĞLU Information Technologies omercioglu@etu.edu.tr Nurettin ERGİNÖZ Master Student
More informationIntro to Federated Iden2ty with eduroam and edugain
Intro to Federated Iden2ty with eduroam and edugain Brook Schofield edugain Product Manager GÉANT Virtually @ Eko- Konnect, Lagos, Nigeria 7 th October 2015 The computer lab Image URL: hqp://www.fox.temple.edu/cms_about-
More informationAPAN 25 Middleware Session, Hawaii Jan.24, 2008 Japanese University PKI (UPKI) Update and Shibboleth using PKI authentication
APAN 25 Middleware Session, Hawaii Jan.24, 2008 Japanese University (U) Update and Shibboleth using authentication National Institute of Informatics, JAPAN Toshiyuki Kataoka, Shigeki Tanimoto, Masaki Shimaoka
More informationWireless access for Oxford University Staff on Oxfordshire NHS sites
Wireless access for Oxford University Staff on Oxfordshire NHS sites Oxon Health Informatics Service (OHIS) Background and scope. OHIS design, configure, install and maintain all the network (wired and
More informationThe New Infrastructure Virtualization Paradigm, What Does it Mean for Campus?
The New Infrastructure Virtualization Paradigm, What Does it Mean for Campus? Jean-Marc Uzé Juniper Networks juze@juniper.net Networkshop 36, Glasgow, April 8 th 2008 Copyright 2008 Juniper Networks, Inc.
More informationAbstract. Overview of eduroam
Development of KREOENT-based Wi-Fi Service for International Roaming Services Abstract 1 Jinoh Cho, 2 Hyunhun Cho, 3 Jinhyung Park, 4 Gihwan Cho, Corresponding author 1,2,3 Korea Institute of Science and
More informationTERENA, the NRENs, GÉANT & promoting Campus Best Practice
Networkshop 42 Leeds, UK 2 April 2014 John Dyer dyer@terena.org www.terena.org TERENA, the NRENs, GÉANT & promoting Campus Best Practice About TERENA A not-for-profit association of NRENs. 1986 RARE:
More informationTERENA TF-ECS Activity 2 Overview of national activities and deployments
TERENA TF-ECS Activity 2 Overview of national activities and deployments Author: Fabio Vena (SWITCH), contributions from all Version Author Modification Date 0.1 Fabio Vena Initial draft 2007.05.11. 0.2
More informationFrequently Asked Questions
December 2001 Introduction International Standard ISO/IEC 17799:2000 Information Security Management, Code of Practice for Information Security Management Frequently Asked Questions The National Institute
More informationGreek Research and Technology Network. Authentication & Authorization Infrastructure. Faidon Liambotis. grnet
Greek Research and Technology Network Authentication & Authorization Infrastructure Faidon Liambotis faidon@.gr Networking Research and Education February 22 nd, 2011 1 Who am I? Servers & Services Engineer,
More information3ROX Spring Meeting. Thursday, 20 April 2017 Pittsburgh, PA
3ROX Spring Meeting Thursday, 20 April 2017 Pittsburgh, PA Agenda Welcome and introductions Updates December outage post-mortem Internet2 DDoS mitigation DNSSEC 3ROX routing (by request) eduroam Roundtable
More informationACCP-V6.2Q&As. Aruba Certified Clearpass Professional v6.2. Pass Aruba ACCP-V6.2 Exam with 100% Guarantee
ACCP-V6.2Q&As Aruba Certified Clearpass Professional v6.2 Pass Aruba ACCP-V6.2 Exam with 100% Guarantee Free Download Real Questions & Answers PDF and VCE file from: 100% Passing Guarantee 100% Money Back
More informationWireless Networking (hosted at
Wireless Networking (hosted at http://utahgeeks.sourceforge.net) I. OBJECTIVES The University of Utah has a need to provide near seamless secure wireless access across campus without impacting or hindering
More informationThe 6NET project. An IPv6 testbed for the European Research Community
The 6NET project An IPv6 testbed for the European Research Community 6NET Project October 2002 1 Project Overview A three-year project to prepare the next generation of the Internet. Started in January
More informationeduroam Managed IdP Product Presentation
eduroam Managed IdP Product Presentation Stefan Winter GeGC Technical Expert, Task Leader eduroam Development @GEANT R&D Engineer, RESTENA Foundation, Luxembourg Last updated: 13 June 2017 eduroam Managed
More informationA MODEL FOR INTERCONNECTION IN IP-BASED NETWORKS
Electronic Communications Committee (ECC) within the European Conference of Postal and Telecommunications Administrations (CEPT) A MODEL FOR INTERCONNECTION IN IP-BASED NETWORKS Vilnius, October 2005 Page
More informationPolicy Management and Inter-domain Mobility for eduroam through virtual Access Points (vaps)
Policy Management and Inter-domain Mobility for eduroam through virtual Access Points (vaps) Daniel Camps-Mur (daniel.camps@i2cat.net), I2CAT Foundation, ES Ilker Demirkol (ilker.demirkol@entel.upc.edu),
More information1. Publishable Summary
1. Publishable Summary 1.1Project objectives and context Identity management (IdM) has emerged as a promising technology to distribute identity information across security domains. In e-business scenarios,
More informationExam HP2-Z32 Implementing HP MSM Wireless Networks Version: 7.1 [ Total Questions: 115 ]
s@lm@n HP Exam HP2-Z32 Implementing HP MSM Wireless Networks Version: 7.1 [ Total Questions: 115 ] HP HP2-Z32 : Practice Test Question No : 1 What is a proper use for an ingress VLAN in an HP MSM VSC?
More informationNetwork Security: WLAN Mobility. Tuomas Aura CS-E4300 Network security Aalto University, Autumn 2017
Network Security: WLAN Mobility Tuomas Aura CS-E4300 Network security Aalto University, Autumn 2017 Outline Link-layer mobility in WLAN Password-based authentication for WLAN Eduroam case study 2 LINK-LAYER
More informationYour wireless network
Your wireless network How to ensure you are meeting Government security standards Cabinet Office best practice Wi-Fi guidelines Overview Cyber Security is a hot topic but where do you start? The Cabinet
More information802.1X: Deployment Experiences and Obstacles to Widespread Adoption
802.1X: Deployment Experiences and Obstacles to Widespread Adoption Terry Simons University of Utah; open1x.org Terry.Simons@utah.edu Jon Snyder Portland State University jon@pdx.edu 802.1X Adoption Ratified
More informationFederated Authentication for E-Infrastructures
Federated Authentication for E-Infrastructures A growing challenge for on-line e-infrastructures is to manage an increasing number of user accounts, ensuring that accounts are only used by their intended
More information2010 Kerberos Conference
2010 Kerberos Conference MIT, Cambridge 26-27 October, 2010 Josh Howlett, Strategic Projects Leader, JANET(UK) & Sam Hartman, Painless Security LLC Contents Background Use-cases Brief overview of architecture
More informationAPNIC & Internet Address Policy in the Asia Pacific
APNIC & Internet Address Policy in the Asia Pacific NZ Internet Industry Forum Auckland, 29 November 2001 Anne Lord, APNIC Overview Introduction to APNIC Policy Development Address Management APNIC Update
More informationNetwork. 3.1 Core Capacity on the network. TERENA Compendium of Research and Education Networks in Europe / Network. Page 27
3 Network 3.1 Core Capacity on the network We have asked NRENs how they would describe their network in bandwidth terms. In other words, we have asked for the current typical core usable backbone capacity
More informationCollaborative Technologies and Enterprise Middleware:
Collaborative Technologies and Enterprise Middleware: A View of the Next Few Years A Day in the Life of Jean Blue Chair: OOPS! After the break, we will have Session 2D: Middleware Authentication (instead
More informationAttribute Release. Contractual Matters
Attribute Release Technical and Legal Issues Contractual Matters Wolfgang Pempe, DFN-Verein pempe@dfn.de DARIAH/DASISH AAI Workshop, 17/18 October 2013, Cologne Overview Attribute Release Technical Issues
More informationCisco Exam Questions and Answers (PDF) Cisco Exam Questions BrainDumps
Cisco 300-375 Dumps with Valid 300-375 Exam Questions PDF [2018] The Cisco 300-375 Securing Cisco Wireless Enterprise Networks (WISECURE) exam is an ultimate source for professionals to retain their credentials
More informationFederated E-infrastructure Dedicated to European Researchers Innovating in Computing network Architectures
Federated E-infrastructure Dedicated to European Researchers Innovating in Computing network Architectures Mauro Campanella - GARR FP7 Future Networks Concertation Meeting Brussels, March 11th, 2008 FEDERICA
More informationAuthenticated Wireless Roaming via Tunnels
Supported by the Belgian Walloon Region Authenticated Wireless Roaming via Tunnels M. MANULIS, D. LEROY, F. KOEUNE, O. BONAVENTURE, J-J. QUISQUATER UCLouvain - Belgium UCL Crypto Group - IP Networking
More informationE-Seminar. Wireless LAN. Internet Technical Solution Seminar
E-Seminar Wireless LAN Internet Technical Solution Seminar Wireless LAN Internet Technical Solution Seminar 3 Welcome 4 Objectives 5 Definition 6 Uses 7 LAN Network Layout 8 Operation 9 Building - to -
More informationManaging the lifecycle of XACML delegation policies in federated environments
Managing the lifecycle of XACML delegation policies in federated environments Manuel Sánchez, Óscar Cánovas, Gabriel López, Antonio F. Gómez-Skarmeta Abstract This paper presents an infrastructure that
More informationINCOMMON FEDERATION: PARTICIPANT OPERATIONAL PRACTICES
INCOMMON FEDERATION: PARTICIPANT OPERATIONAL PRACTICES Participation in the InCommon Federation ( Federation ) enables a federation participating organization ("Participant") to use Shibboleth identity
More informationUnfortunately it was not possible to have people from GRID, so the scenario described in this reports is not complete.
AA Workshop Report 26-27 November, 2002 Stockholm, Sweden Programme The first workshop about authentication and authorization infrastructure, foreseen in the Terms of Reference of TF-AACE, was arranged
More informationIST MUPBED: Multi-Partner European Test Network for Research Networking
IST MUPBED: Multi-Partner European Test Network for Research Networking Multi-Partner European Test Beds for Research Networking IST FP6 Project in 2nd Call, Research Networking Test Beds IST FP6 Project
More informationeidas cross-sector interoperability
eidas cross-sector interoperability Christos Kanellopoulos GRNET edugain SG October 13 th, 2016 Background information 2013 - STORK-2 collaboration (GN3Plus) 2014-07 Adoption of the eidas Regulation 2014-09
More informationExpected Outcomes Able to design the network security for the entire network Able to develop and suggest the security plan and policy
CHAPTER 9 DEVELOPING NETWORK SECURITY STRATEGIES Expected Outcomes Able to design the network security for the entire network Able to develop and suggest the security plan and policy Network Security Design
More informationGuide to Configuring eduroam Using the Aruba Wireless Controller and ClearPass RADIUS
Guide to Configuring eduroam Using the Aruba Wireless Controller and ClearPass RADIUS Best Practice Document Produced by the UNINETT-led Campus Networking working group Authors: Tom Myren (UNINETT), John-Egil
More information1. Federation Participant Information DRAFT
INCOMMON FEDERATION: PARTICIPANT OPERATIONAL PRACTICES [NOTE: This document should be considered a as MIT is still in the process of spinning up its participation in InCommon.] Participation in InCommon
More informationThe AAF - Supporting Greener Collaboration
SPUSC 2008 SOUTH PACIFIC USER SERVICES CONFERENCE The AAF - Supporting Greener Collaboration Stuart Allen MAMS MELCOE Macquarie University sallen@melcoe.mq.edu.au What is the AAF? The Australian Access
More informationReport on Current Status of WLAN Networks at Finnish Campuses in 2010 Report
Report on Current Status of WLAN Networks at Finnish Campuses in 2010 Report Produced by FUNET Author: Wenche Backman January 2010 TERENA 2010. All rights reserved. Document No: GN3-NA3-T4-status-WLAN-networks
More informationJoining forces to fight botnets. Dan Tofan Head of the Technical Division CERT-RO 17/02/2014
Joining forces to fight botnets Dan Tofan Head of the Technical Division CERT-RO 17/02/2014 Agenda Who are we? Benefits and collaboration opportunities ACDC European funded pilot project - 16 mil. Selected
More informationCanadian Access Federation: Trust Assertion Document (TAD)
Participant Name: University of Guelph Canadian Access Federation: Trust Assertion Document (TAD) 1. Purpose A fundamental requirement of Participants in the Canadian Access Federation is that they assert
More informationFileSender Update. blog.filesender.org. Jan Meijer
FileSender Update www.filesender.org blog.filesender.org Jan Meijer 12 th TF-Storage 6 March 2013 screenshot FileSender = File Transport!= File Storage value proposition? painless sharing arbitrarily large
More informationE-Seminar. Voice over IP. Internet Technical Solution Seminar
E-Seminar Voice over IP Internet Technical Solution Seminar Voice over IP Internet Technical Solution Seminar 3 Welcome 4 Objectives 5 Telephony in Business 6 VoIP and IP Telephony 7 Traditional Telephony
More informationFEDERICA Federated E-infrastructure Dedicated to European Researchers Innovating in Computing network Architectures
FEDERICA Federated E-infrastructure Dedicated to European Researchers Innovating in Computing network Architectures Mauro Campanella - GARR Joint Techs Workshop / APAN Honolulu, January 23 2008 FEDERICA
More informationThe challenges of (non-)openness:
The challenges of (non-)openness: Trust and Identity in Research and Education. DEI 2018, Zagreb, April 2018 Ann Harding, SWITCH/GEANT @hardingar Who am I? Why am I here? Medieval History, Computer Science
More informationHEALTH INFORMATION INFRASTRUCTURE PROJECT: PROGRESS REPORT
HEALTH INFORMATION INFRASTRUCTURE PROJECT: PROGRESS REPORT HCQI Expert Group Meeting 7-8 November 2013 Agenda to improve health information infrastructure» In 2010, health ministers called for improvement
More informationA collaboration overview: From TF-VSS to GN2 SA6
A collaboration overview: From TF-VSS to GN2 SA6 András Kovács, NIIF/HUNGARNET GN3 SA3-T4 educonf Workshop, Lisbon 19 October 2010 Introduction a bit of history National VC services: Endpoint deployment:
More informationNew trends in Identity Management
New trends in Identity Management Peter Gietz, DAASI International GmbH peter.gietz@daasi.de Track on Research and Education Networking in South East Europe, Yu Info 2007, Kopaionik, Serbia 14 March 2007
More informationGÉANT-TrustBroker project overview
GÉANT-TrustBroker project overview Slides assembled by the Géant-TrustBroker team at Leibniz Supercomputing Centre, Germany for a short presentation by Licia Florio at the TF-EMC2 meeting Zurich, Switzerland
More informationRelease Notes for the Nortel Networks Wireless LAN Mobile Adapter 2201 Release
Part No. 216582-A April 2004 4655 Great America Parkway Santa Clara, CA 95054 Release Notes for the Nortel Networks Wireless LAN Mobile Adapter 2201 Release 1.1.0.0 *216582-A* 2 Copyright 2004 Nortel Networks
More informationUsing EAP-TTLS and WPA EAP-TTLS Authentication Security on a Wireless Zebra Tabletop Printer
Using EAP-TTLS and WPA EAP-TTLS Authentication Security on a Wireless Zebra Tabletop Printer Q. What is EAP-TTLS? A. Extensible Authentication Protocol- Tunneled Transport Level Security is an IEEE 802.1x
More informationFuture Internet Experiments over National Research & Education Networks: The Use Cases of FEDERICA & NOVI over European NRENs - GÉANT
Future Internet Experiments over National Research & Education Networks: The Use Cases of FEDERICA & NOVI over European NRENs - GÉANT Vasilis Maglaris Professor of Electrical & Computer Engineering, NTUA
More informationINCOMMON FEDERATION: PARTICIPANT OPERATIONAL PRACTICES
INCOMMON FEDERATION: PARTICIPANT OPERATIONAL PRACTICES Participation in the InCommon Federation ( Federation ) enables a federation participating organization ("Participant") to use Shibboleth identity
More informationSecurity Incident Response Trust Framework for Federated Identity (Sir-T-Fi) David Kelsey (STFC-RAL) REFEDS, Indianapolis 26 Oct 2014
Security Incident Response Trust Framework for Federated Identity (Sir-T-Fi) David Kelsey (STFC-RAL) REFEDS, Indianapolis 26 Oct 2014 Outline Input FIM4R requirements TNC2014 BoF Romain Wartel Security
More informationService Delivery and Operations Report
25-05-2017 Deliverable 5.2 Contractual Date: 30-04-2017 Actual Date: 25-05-2017 Grant Agreement No.: 731122 Work Package/Activity: 5/SA2 Task Item: Task 2 and Task 3 Nature of Deliverable: R Dissemination
More informationFederated Identities and Services: the CHAIN-REDS vision
Co-ordination & Harmonisation of Advanced e-infrastructures for Research and Education Data Sharing Federated Identities and Services: the CHAIN-REDS vision Federico Ruggieri, GARR/INFN Joint CHAIN-REDS/ELCIRA
More informationOptions for Joining edugain. Lukas Hämmerle, SWITCH DARIAH Workshop, Köln 18 October 2013
Options for Joining edugain Lukas Hämmerle, SWITCH DARIAH Workshop, Köln 18 October 2013 Outline 1. GE ANT and the Enabling Users task 2. Options to Join edugain 3. Discussion 2 GÉANT (GN3plus) - vital
More information