eduroam Development VC Minutes 2026-04-07

Attendance

Welcome / Agenda Bashing
CAT
- work in the admin interface and admin API (include diagnostics)
- NRO interface extended to show : profiles with Prod-Ready && No anonymous outer ID && password-based EAP types

2a. Anon Outer IDs

turns out MANY IdPs do not set Anon Outer IDs
institutions already get a WARNING level notification during creation if this case is configured
changing this is less a technical issue, but a mindset / storytelling one to get through to admins and make them realise that the extra work brings a tangible benefit
small technical bit: logging in many implementations could be improved to correlate outer ID EAP conv and inner ID
CAT could default to checking the box (either global or per-NRO) to make it a conscious decision by an admin to turn it off

geteduroam
- hibernation fix for Android in beta
- issues with logos that are too big. Discussed options to reduce the logo size
IETF

draft-dekok-radext-review-radius is in WG acceptance call. Comment if you want to see it adopted
There is a substantial discussion in the TLS / etc. working groups around certificates, and validating certificates.
- The CA/B people are making decisions without talking to people. They think everything is fine. Pretty much no one else agrees.

Latest draft for the new RadSec standard contributed to the WFA in hope that it will part of the new WPA3 Feature Release update.
WBA is working on RADIUS Conformance suite. AI is cool, right?
- Working on refining requirements, without requirements you can’t really vibe code something new that implements things.

Question re: registering hotspot locations in eduroam maps - latitude/longitude vs. street addresses (Derek)
- https://monitor.eduroam.org/fact_eduroam_db.php
- international reporting accepts /only/ long+lat
Are we done talking about AirSnitch?
- Do we have a ‘statement’?
- We have a response to give if someone asks questions; but didn’t happen so far.