eduroam Development VC Minutes 2022-03-29 1530 CEST

Attendance

Attendees

  • Stefan Winter (Restena)
  • Stefan Paetow (Jisc)
  • Sara Jeanes (Internet2)
  • Arnaud Lauriou (RENATER)
  • Geoffroy Arnoud (RENATER)
  • Christian Rohrer (SWITCH)
  • Anders Nilsson (SUNET)
  • Maja Górecka-Wolniewicz (PSNC)
  • Zbigniew Ołtuszyk (PSNC)
  • Wenche Backman-Kamila (CSC/Funet)
  • Philippe Hanset (ANYROAM)
  • Dubravko Penezić (SRCE)
  • Tomasz Wolniewicz (PSNC)

Regrets

  • Janos Mohacsi (KIFÜ)

Agenda / Proceedings

  1. Welcome / Agenda Bashing

  2. eduroam Managed SP - first feedback?

    • seems to do what it says it does
    • ability to add a “default” VLAN (rather than guest VLAN)
    • should port numbers be in sync, or can they remain distinct?
    • AI @Stefan: verify the state and/or promise of monitoring. Might be only for prod phase.
    • Checked post-meeting: monitoring infrastructure of SRCE to be used in prod, not foreseen for pilot phase

  3. CAT release

    • translation update done earlier today, sorry for the delay
    • build system fixes for CI (Scrutinizer) pending

  4. CAT Operational Issue: signing certificate renewal

    • one of the signer certs (on HSM) is going to expire soon (tomorrow!)
    • mobileconfig installers are not time-stamped (not possible) so need to use the new signing cert ASAP, and cache emptied
    • Windows less urgent, as they are time-stamped, and cached installers continue to be valid
    • replacement is twofold; EV signing cert on a much lower-performing aux hardware (USB stick, multi-second signing time) ; non-EV mobileconfig one on file or HSM still (not an issue)
    • EV code signing on HSM would need to be procured through DigiCert; Sectigo doesn’t support
    • queueing for EV signing operations ready. Will be rolled out in phased way in order to monitor overload situations.

  5. AOB / next VC: 12 Apr 2022 1530 CEST

  • No labels