SALSA-NetAuth - FWNA conference call June 1, 2006

SALSA-NetAuth - FWNA conference call
June 1, 2006

*Attendees*
Kevin Miller, Duke U. (co-chair)
Philippe Hanset, U. Tennessee (co-chair)
Mike Coffee, U. Tennessee
Dennis Ward, U. Michigan
Andy Rosenzweig, Merit
John Vollbrecht, Merit
Rich Cropp, Penn State U.
Mark Linton, Penn State U.
Steve Olshansky, Internet2
Jessica Bibbee, Internet2 (scribe)

New *Action Items*
[AI] Philippe will approach Denmark to set up test connections.
[AI] {Kevin and John} will float initial work on an IETF presentation to the list for review/feedback before the next WG call.
[AI] {Philippe} will post a list of 802.1x issues on the wiki to guide next steps of the FWNA WG.
[AI] {Kevin} will send an informal note to {Chris Misra} regarding the progression to Phase II for the FWNA group.

Carry-over *Action Items*
[AI] {Kevin} will post the 802.1x wrap-up from the Internet2 MM on the wiki. (18-May-06)
[AI] {John} and {Chris} will work on a basic architecture page for a document on next steps w/802.1x. (18-May-06)
[AI] {John} will approach the NEA Group with a proposal for a presentation on 802.1x at the next IETF meeting. (18-May-06)
[AI] {Kevin} will develop starter questions for use cases, then drop into wiki. (18-May-06)
[AI] {Rich} will work on a use case for Penn State. (18-May-06)
[AI] {Kevin} will connect the local RADIUS administration folks at Duke to the FWNA-Ops list. (23-Feb-06)

Future *Agenda Topics*
+ Group will discuss attributes and experimentation around a contact # attribute. (20-Apr-06)
+ Group will think of local site requirements for security, logging, and access to utilization of information in the context of Eduroam, where non-local users are involved. (3-Nov-05)

*Discussion*
{Philippe} gave a speech at the TERENA conference in April, via videoconference, similar in material to the Spring 2006 Internet2 Member Meeting: http://www.terena.nl/events/tnc2006/programme/sessions/show.php?sess_id=152

When asked about the strategy for FWNA and whether a top-down approach was ideal, {Philippe} responded that it was more likely to be grown from the bottom-up. He also said there is still a lot of work to be done to make 802.1x a more practical option. Needing to change passwords often presents the challenge of either being shutdown if you fail to do so, and if you do change passwords, it necessitates a very technical grasp of Windows. Implementing 802.1x is a challenge, while respecting security.

Another 802.1x challenge is that the most elegant way to disconnect is through a manual process of forcing someone off. Voicing a need for such an automatic feature may gather interest among vendors, and would necessitate a standard.

{Mike} reported that U. Michigan will soon have a functioning connection. Currently, U. Tennessee has a connection to the Netherlands, and {Philippe} has requested a connection to the Danish Eduroam server. Its more complex configuration will enable them to view the hierarchical connection and load. [AI] Philippe will approach Denmark to set up test connections.

{Andy} said that the server at Merit will soon need to be moved, which he will announce over the FWNA-Ops list.

{John} intends to propose the idea of an FWNA presentation at the IETF meeting in Montreal on July 9th. [AI] {Kevin and John} will float initial work on an IETF presentation to the list for review/feedback before the next WG call.

{Philippe} again mentioned the idea to have FWNA focus its efforts through two groups – operations and policy work. [AI] {Philippe} will post a list of 802.1x issues on the wiki to guide next steps of the FWNA WG. [AI] {Kevin} will send an informal note to {Chris Misra} regarding the progression to Phase II for the FWNA group.

The next SALSA-NetAuth - FWNA WG call will be held on Thursday, June 15 at 11am EDT.