UCTrust Workgroup
Child pages
  • UCTrust Wireless Approach after the Eduroam-US Announcement

DRAFT - UCTrust Wireless Approach after Eduroam-US Announcement - DRAFT

In July of 2010, eduroam-US was announced.  As a result the UCTrust Wireless group has been reevaluating it's original strategy, as outlined in UCTrust Wireless Approach Discussed by the CPG. This document describes an alternative proposed strategy for review by the UCTrust Work Group and the Communications Planning Group.

Proposed Modified Strategy

When the UCTrust Wireless project started, eduroam-US was not widely deployed, and our strategy was "... that federating our web portals with Shibboleth is the best first step.  We will track eduRoam progress in the US and plan to federate access to our encrypted networks when it seems appropriate to do so."  We did this, as it seemed the most effect way to make quick progress toward federating UC's wireless guest networks.

While some campuses have issues associated with adopting eduroam-US as it is today, we now propose that our first step toward that goal be to join eduroam-US, start using its services, and work within that federation to resolve the issues. The originally-planned federated captive portal could be the strategy for situations where 802.1x is not a feasible technically, or where the operational impacts of eduroam-US are too great. However, a bifurcated strategy will increase user frustration and will not provide seamless roaming between UC campuses. In addition, the captive portals are likely to take longer to implement, however, as eduroam-US is a relatively fast implementation for many campuses.

Issues Associated with Federated Guest Wireless Access

The group has identified the following issues associated with the management of a federated guest wireless service.

  • Host institutions require information about their guests.  This information is used to communicate with guests in the following situations:
    • A security vulnerability is suspected on a guest's computer.
    • A copyright infringement notice is received for a guest.
    • A security investigation involves a guest.
  • Host institutions may desire to present local information, such as its network policy, to guests.
  • A wireless guess access federation needs policies to govern operational issues and other interactions among its members.

These issues that are not currently well-addressed by eduroam-US, and campuses joining eduroam-US now will need to accommodate. These are, however, issues for any federated guest wireless service, and will need to be addressed in the implementation of the "federated captive portal" strategy.

  • No labels