SALSA-NetAuth - FWNA conference call October 6, 2005

*Attendees*
Kevin Miller, Duke U. (co-chair)
Philippe Hanset, U. Tennessee (co-chair)
RL “Bob” Morgan, U. Washington
Mark Poepping, Carnegie Mellon U.
Chris Misra, U. Mass
Rich Cropp, Penn State
Lisa Hogeboom, Internet2
Steve Olshansky, Internet2
Jessica Bibbee, Internet2 (scribe)

New *Action Items*
[AI] {Philippe and Kevin} will begin a separate implementation document for Lesson Learned as the experiment gets underway.

[AI] {Mark, Chris, Philippe, and Kevin} will continue discussion and work to set up a time for people to start up the experiment jointly.

[AI] {Kevin} will send a message to the {SALSA-FWNA} list to gather feedback about, and to solicit, a second site for a top-level server.

[AI] {Philippe and Kevin} will work on drafting a budget and requirements for getting a second server up and running.

Carry-over *Action Items*
[AI] {Philippe} will work on updating the FWNA wiki to help capture important issues. (8-Sep-05)

[AI] {Philippe} will draft a use case focusing on shared facilities between two institutions. (24-Mar-05)

*Discussion*
The NetAuth-FWNA BoF at the Fall Internet2 Member Meeting presented several documents that are in progress; these presentations can be found online at the NetAuth home page and <http://events.internet2.edu/2005/fall-mm/sessionDetails.cfm?session=2377&event=239>.

{Philippe} raised the issue of how FWNA can parallel the work of Eduroam. There was discussion over whether to have strong or weak requirements, and whether or not to have an Eduroam SSID for an encryption type vs. EAP type. There may be better alternatives to waiting for everyone to use EAP to do VLAN, based on 802.1X authentication. What demands are put on your infrastructure when a visitor comes to your site? {Kevin} suggested that the document be changed to explicitly state that FWNA advises that one *should* broadcast, if at all possible. If it is not possible, an alternate implementation can be offered. It is possible to participate with an Eduroam SSID or a non-Eduroam SSID. The Group needs to decide on a level of tolerance, leaning more towards a rigid experiment or giving flexibility to those joining. How to accommodate users while maintaining consistent service? If the Group decides to act as a broker and possibly host a central page that explains what to do in the event of not using Eduroam, it would require some research to determine how to do so.

The Group decided it would be best to create a separate document that addresses the requirements of the local RADIUS server. [AI] {Philippe and Kevin} will begin a separate implementation document for Lesson Learned as the experiment gets underway. All documents can be viewed here: <http://fwna.oit.duke.edu:2500/fwna>.

The Group discussed the minimum requirements for having a second top-level server. Finding the hardware to run the second server should not be a huge obstacle; it is more an issue of how much maintenance is required to run the server, and subsequently how much time/man-hours are required. It may be of interest to have more than a volunteer, perhaps even a graduate student who is willing to devote time to maintaining the server. [AI] {Philippe and Kevin} will work on drafting a budget and requirements for getting a second server up and running. [AI] {Kevin} will send a message to the {SALSA-FWNA} list to gather feedback about, and to solicit, a second site for a top-level server.

As the top-level support is figured out, the Group needs to consider how they will gain feedback from those participating in the experiment. [AI] {Mark, Chris, Philippe, and Kevin} will continue discussion and work to set up a time for people to start up the experiment jointly.

The next SALSA-NetAuth – FWNA conference call will be on Thursday, October 20, 2005 at 11am.