SALSA-NetAuth - FWNA conference call September 8, 2005
*Attendees*
Kevin Miller, Duke U. (co-chair)
Philippe Hanset, U. Tennessee (co-chair)
Dennis Ward, U. Michigan
Mark Poepping, Carnegie Mellon U.
Chris Misra, U. Mass
Tom Zeller, Indiana U.
Rich Cropp, Penn State
Mark Linton, Penn State
Lisa Hogeboom, Internet2
Steve Olshansky, Internet2
Jessica Bibbee, Internet2 (scribe)
New *Action Items*
[AI] {Philippe} will work on updating the FWNA wiki to help capture
important issues.
Carry-over *Action Items*
[AI] {Group} will populate EAP and 802.1X information to the FWNA wiki.
(27-Jul-05)
[AI] {Philippe} will draft a use case focusing on shared facilities
between two institutions. (24-Mar-05)
*Discussion*
Is there value to providing access to other networks to allow
affiliates to roam there as well? {Kevin} suggested that Airpath might
provide insight for options regarding web-based portal log-ins. Future
conversations with Airpath could lead to facilitating FWNA work. iPass
is another wireless option for secure global connectivity. It may also
be of value to contact those who have experience in this realm.
As universities are limited in part due to their budgets, it is
necessary to bear in mind the justification for a sound business case.
As demand increases for a visitor network, more funding may be
available, and there may also be more offered from a commercial
standpoint. Before this happens, it is important to start the
experiment and get feedback.
As more universities take on 802.1X, it may be worthwhile to contact
them directly, to see if they would be interested in joining the
experiment. In addition, universities will be more willing to adopt
802.1X and participate in the experiment if there is already a support
structure in place. In particular, network directors and managers will
be the most interested in following these efforts.
{Philippe} explained the visitor network being designed by Eduroam,
with increased convenience. Visiting scientists (etc.) are not
interested in putting anti-virus software on their machines. He
raised a valid question of how to compare Eduroam and FWNA – what are
the advantages of using one over the other, and who is more apt to
choose one versus the other?
Which issues would be solved or simplified by regional aggregation, for
example - eduroam.mi or eduroam.tn, as opposed to eduroam.us? There is
a possibility to have a single, state-wide network, eliminating local
intra-state issues – however, it would not address out-of-state
visiting issues. What is the best way to approach scaling issues?
The Fall Internet2 Member Meeting
<http://events.internet2.edu/2005/fall-mm/> will be a good venue
to approach participants about SSID scenarios. What is the best way to
proceed, so as not to isolate ourselves or others? This might be best
approached from an engineering standpoint, addressing access points.
What are the known hardware issues – could a subnet be added? How would
one route a Layer 2 VLAN? How should FWNA address routing someone using
a local address on the map? What access complications might emerge from
not standardizing?
Perhaps a suggestion can be made as to using FWNA, leaving their local
network as a backup option. However, there is the issue of not
getting connected if the network is not known, which brings you right
back to the previous problem. The Group seemed to reach consensus on
recommending a particular SSID, while allowing an existing SSID to be
used if so desired.
It would be interesting to investigate what happens when assigning
different levels of encryption. Do we have a recommendation for
encryption? How does the Group feel about recommending WPA-TKIP?
What would happen if a brand were to be assigned to differentiate
between levels – for example, Eduroam-Gold would do X, and
Eduroam-Silver does Y, etc. This might help to clarify varying
capabilities, and would provide respective levels of standardization.
However, this raises concern about disagreement in standards between
different levels.
{Kevin} will continue to work on the Goals document, and [AI]
{Philippe} will work on updating the FWNA wiki to help capture
important issues. What are the basics needed to easily interconnect?
The Group discussed whether infrastructure servers need any EAP
knowledge to effectively pass EAP messages, and it was decided that no
EAP knowledge is needed to do so.
Due to the Fall 2005 Internet2 Member meeting in Philadelphia, PA over
19/22-Sep, the next regular call will be canceled. Therefore, the next
scheduled SALSA-NetAuth - FWNA conference call will be Thursday,
October 6, 2005 at 11am ET.