eduroam Development VC, 6 March 2018, 1530 CET
========================================
Attendees
--------------
Stefan Winter, RESTENA
Tomasz Wolniewicz, UMK
Steffen Klemer, DFN
Stephanie Cooper, ANYROAM,
Philippe Hanset, ANYROAM
Chad Bauer, ANYROAM
Mike Zawacki, Internet2
Jørn Åne de Jong, UNINETT AS
Miroslav Milinovic CARNET/SRCE
Maja Gorecka-Wolniewicz, PIONIER
Tsotne Gozalishvili, GRENA
Louis Twomey, HEAnet
Apologies
--------------
1. Welcome, agenda bashing
2. Integrated forced-HTTP-Proxy configuration
- Stefan talks about HTTP vs HTTPS proxys; only HTTPS makes sense
- The HTTPS-Proxy in the home institute has to be open worldwide -> proxy has to be user/password protected
- security considerations are against using the same user/pwd as for eduroam
- we don't know how secure the user/password is stored
- for sake of simplicity: single user/password for all proxy users put into the downloaded eduroam installer
- which means it would be openly available to everybody
- 2nd password-prompt not very userfriendly (we had this before with initial HotSpot2.0-support)
- Philippe: this might be acceptable for the K12/HighSchool-case
- Philippe: We might get an iBoss account (frequently used proxy solution in US K12 scenario)
- Important for US K12: ChromeOS
-> Stefan will look again into the 2nd password-prompt idea after he got the iBoss test account
3. Stefan talks about things
4. Future iOS and macOS updates seem to bring problems
- with md5 signed root certificates
- Tomasz asks for access to these beta versions or testers
5. AOB / next VC
next VC: Apr 3rd, 1530 CET
