*Attendees*
Kevin Miller, Duke U. (co-chair)
Philippe Hanset, U. Tennessee (co-chair)
Chris Misra, U. Mass
Steve Carmody, Brown U.
Richard Conto, Merit
Rich Cropp, Penn State U.
Mark Linton, Penn State U.
Walt Reynolds, U. Michigan
Tom Zeller, Indiana U.
John Vollbrecht, Internet2
Steve Olshansky, Internet2
Jessica Bibbee, Internet2 (scribe)
New *Action Items*
[AI] Group should review the thread on user tracking and post comments to the list (c.f. Chris’ email on 18-Jan, originally Fred Leeflang’s email to NetAuth WG on 16-Jan)
[AI] Please send {SteveO, Kevin, or Chris} an email if you would like to participate more directly with putting together the survey and analyzing results.
[AI] Group will look at the survey question in the wiki and contribute questions or comments.
[AI] {Philippe, Mark, & Chris} will work together on a presentation at the I2MM regarding the guest access survey results and current work in this space.
[AI] {Kevin} will put together a skeleton of a proposal for implementing the RADIUS-SAML integration work.
[AI] {Steve C.} will post his RADIUS-SAML document in the FWNA wiki.
[AI] Group will think about resource requirements for getting a proposal ready to work with other interested groups.
Carry-over *Action Items*
[AI] {Kevin} will review his notes from Member Meeting and send changes to {Jessica}. (11-Jan-07)
[AI] {Kevin} will lead discussion at Joint Techs to gather consensus around the RADIUS-SAML integration topic. (11-Jan-07)
[AI] {Kevin} will address the EDUCAUSE-WLAN list to get feedback on the RADIUS-SAML document by the end of February. (11-Jan-07)
[AI] {Steve C.} will review the draft RADIUS-SAML document and update with conversations with {Bob Morgan and Scott Cantor} and forward to the list for feedback from an operational perspective. (11-Jan-07)
[AI] {John} will contribute questions towards identifying and compiling trust issues for a document(s).
[AI] {Chris} will forward a link regarding developments in the NEA working group.
Future *Agenda Items*
- Group will consider holding an additional call to further discuss 802.1x and Microsoft (re: Vista).
*Agenda*
1. Internet2 IPR Framework
- <http://members.internet2.edu/intellectualproperty.html>
- IPR/FWNA status update?
2. NetAuth
- UserTracking 2: pre-alpha-3 release (c.f. Fred Leeflang’s email, 16-Jan-07)
- EDUCAUSE-WLAN list discussion – what are you doing for guest access?
3. SecureW2 / other client concerns?
4. Guest access survey
5. Spring 2007 Internet2 Member Meeting – Arlington, VA. 23-25-Apr
6. FWNA Next Gen
*Discussion*
Internet2 IPR & FWNA
There is no update to report on the Internet2 IPR framework discussion with respect to the FWNA Working Group.
NetAuth - UserTracking 2: pre-alpha-3 release
{Chris} shared a couple matters of interest within the SALSA-NetAuth Working Group space. {Fred Leeflang} emailed the NetAuth list with information on a tool called UserTracking (c.f. Chris’ email on 18-Jan, originally Fred’s email to NetAuth WG on 16-Jan). {Chris} asked the group if they thought this might be of value to any of the FWNA work, especially with respect to the 802.1x space. Is it just another tool to maintain? Perhaps the tool and its offerings may contribute to a better understanding of the problem space. [AI] Group should review the thread on user tracking and post comments to the list.
NetAuth - EDUCAUSE-WLAN list discussion
{Chris} also noted a thread on the EDUCAUSE-WLAN mailing list, where there is discussion pertaining to various campus’ plans for guest access.
Vista & 802.1x
The Group briefly discussed the response from {Mudit Goel} of Microsoft, regarding Vista and subsequent changes for 802.1x supplicants (c.f. Mudit’s email on 25-Jan-07). The Group expressed interest in continuing dialogue with {Mudit} at perhaps a later point, after they have had time to work with Vista and gather questions or issues to address. This item will be kept as a future agenda item.
Guest Access Survey
{SteveO} has set up a demo survey for interested individuals to see how the real guest access survey will work. {Mark} has put together a list of items to be considered and questions to include in the survey. These may be found in the FWNA wiki <https://wiki.internet2.edu:443/confluence/x/YCc>. From this initial work, the formal survey will be drafted. [AI] Please send {SteveO, Kevin, or Chris} an email if you would like to participate more directly in putting together the survey and analyzing results.
The Group decided the survey should require participants to submit his/her 1) job title and 2) department. This will account for the possibility of multiple people from the same institution dealing with different environments. The participant will have the option of providing his/her name and institution, but these are not primary drivers.
[AI] Group will look at the survey question in the wiki and contribute questions or comments. The Group set a last call for the next NetAuth – FWNA Working Group meeting (22-Feb), with a hard deadline for the survey work completion at the end of February. The survey will then be announced publicly to concerned groups and will be available throughout the month of March. The beginning weeks of April will be used for analysis and review of the survey results, in advance of the Internet2 Spring Member Meeting (23-25-Apr).
Spring 2007 Internet2 Member Meeting
The survey and its results will provide very valuable information and will be worth sharing. [AI] {Philippe, Mark, & Chris} will work together on a presentation at the I2MM regarding the guest access survey results and current work in this space. The proposal submission deadline for the I2MM is Monday, 29-Jan.
Steve C.’s RADIUS-SAML Integration Document
The Group discussed the next steps once the RADIUS-SAML Integration document is complete. Should the Group simply share the document with others? Or is another possibility to find a programmer who is willing to actively implement the proposed steps of code; this question was immediately followed by a question of funding source. {Steve C.} mentioned one possible source, the Google Summer of Code program, which refers qualified interns to proposing institutions < http://code.google.com/soc/>. There is still a question of rather it would really be advantageous to have an external [and perhaps untrained] individual working on the implementation, versus someone who is already familiar with the inner workings.
[AI] {Kevin} will put together a skeleton of a proposal for implementing the RADIUS-SAML integration work. It will focus on the architectural questions, as opposed to fundamental questions. The Group discussed the potential constituent groups, likely the Operators and Security Officers. {Steve C.} suggested having a short document to summarize the current document, which now reads more like protocol. {Kevin} said the Internet2 community might be interested, and the Joint Techs crowd will be another community to seek feedback from. Getting the document to a realized state of utility is a prerequisite for, e.g., looking to the ITF, which might help with the overall standards. [AI] {Steve C.} will post his RADIUS-SAML document in the FWNA wiki. [AI] Group will think about resource requirements for getting a proposal ready to work with other interested groups.
802.1x Dongle Idea
{Tom} shared an interesting idea with the Group, regarding a possible solution to getting 802.1x to the dormitory, with thousands of Xboxes or printers, etc. He proposed an inexpensive dongle that would be plugged inline with Ethernet. It would provide 802.1x [wired] capabilities, operating on similar principles to a hotel card-key. At the time of sale, it would be linked to the buyer and allow the user onto the network. However, if it were stolen, it could easily be disabled after notifying the appropriate people. There are potential caveats which are yet to be detailed or addressed, but {Tom} feels it might provide a [better] alternative to using a mac address. {John} said it would be even more enticing if it could be installed with a locking mechanism.
The next SALSA-NetAuth - FWNA WG call will be held on Thursday, January 25, 2007 at 11am EST.