Versions Compared

Old Version 4

changes.mady.by.user Stefan Winter

Saved on

compared with

New Version 5

changes.mady.by.user Stefan Winter

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

eduroam IdPs will often (but not necessarily) configure their user devices to react to the OpenRoaming baseline RCOI:

5A-03-BA-00-00 (a.k.a. "OpenRoaming for All Identities, settlement-free, no personal data requested, baseline QoS) - usage of the hotspot is governed by the OpenRoaming End-User Terms and Conditions

OpenRoaming Visited Network Providers who want to signal that they specifically welcome eduroam visitors (which is configured by eduroam IdPs more often) should add the following RCOIs:

5A-03-BA-80-00 00 (a.k.a. "OpenRoaming for Educational or Research Identities, settlement-free, no personal data requested, baseline QoS) - usage of the hotspot is governed by the OpenRoaming End-User Terms and Conditions

00-1B-C5-04-60 (eduroam's own RCOI) - usage of the hotspot is governed by the eduroam Terms and Conditions

...

Third parties should use the eduroam Roaming Consortium Organisation Identifier (RCOI)

00-1B-C5-04-60

...

[configured

...

in

...

end-user

...

device

...

to

...

be

...

displayed

...

as:

...

"eduroam®

...

Hitchhiker"

...

(name

...

provisional)]

to indicate that their Passpoint network is willing to accept eduroam guests. For the actual request routing, there are three possible ways:

...

There are currently no plans to move away from using the SSID "eduroam" as the single user-facing identifier for hotspots operated directly by an eduroam participating organisation. If this ever changes, the Roaming Consortium Organisation Identifier

00-1B-C5-04-6F

...

[configured

...

in

...

end-user

...

device

...

to

...

be

...

displayed

...

as:

...

"eduroam®"]

is reserved for that purpose. It is configured in supplicants but not expected to be emitted by any SP at this point.

...

  • generating Chargeable-User-Identity attributes in authentication responses

  • populating a DNS NAPTR record for their realm pointing to the eduroam OpenRoaming Interchange Proxy:

realm.name.

...

43200

...

IN

...

NAPTR

...

100

...

10

...

"s"

...

"aaa+auth:radius.tls.tcp"

...

""

...

_radsec._tcp.openroaming.eduroam.org.

Infrastructure

OpenRoaming

...

In general, the Passpoint configuration configures two eduroam RCOIs:

00-1B-C5-04-60

...

[Display

...

Name

...

"eduroam®

...

Hitchhiker"

...

(name

...

provisional)]
00-1B-C5-04-6F

...

[Display

...

Name

...

"eduroam®"]

The latter one is reserved for a distance-future use, in case eduroam would go fully Passpoint and give up on SSID-based configurations throughout all SPs world-wide. The RCOI would then signify eduroam self-operated hotspots with this "home" display name.

To allow your users to connect also to OpenRoaming hotspots (under the OpenRoaming End-User Terms and Conditions), firstly make sure that your users acknowledge the OpenRoaming End-User Terms and Conditions. Then configure the following two RCOIs additionally:

5A-03-BA-00-00 (a.k.a. "OpenRoaming for All Identities, settlement-free, no personal data requested, baseline QoS) - usage of the hotspot is governed by the OpenRoaming End-User Terms and Conditions

5A-03-BA-80-00 00 (a.k.a. "OpenRoaming for Educational or Research Identities, settlement-free, no personal data requested, baseline QoS) - usage of the hotspot is governed by the OpenRoaming End-User Terms and Conditions

...