Error!

Spaces has been migrated to the cloud. Please go to https://ucla-confluence.atlassian.net to update your space/s.

IT Services has migrated the content of spaces.ais.ucla.edu to Atlassian Confluence Cloud. Please visit https://ucla-confluence.atlassian.net to update your space/s. Spaces.ais.ucla.edu is now in read-only mode through July 31st, 2024
UCTrust Workgroup
Child pages
  • UCTrust Wireless Approach after the Eduroam-US Announcement

Versions Compared

Old Version 2

changes.mady.by.user David H Walker

Saved on

compared with

New Version 3

changes.mady.by.user David H Walker

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

In July of 2010, Eduroam-US was announced.  As a result the UCTrust Wireless group has been reevaluating it's original strategy, as outlined in UCTrust Wireless Approach Discussed by the CPG. This document describes an alternative proposed strategy for review by the UCTrust Work Group and the Communications Planning Group.

Proposed Modified Strategy

When the UCTrust Wireless project started, Eduroam-US did not exist, and our strategy was "... that federating our web portals with Shibboleth is the best first step.  We will track eduRoam progress in the US and plan to federate access to our encrypted networks when it seems appropriate to do so."  We did this, as it seemed the most effect way to make quick progress toward federating UC's wireless guest networks.

While there are issues associated with adopting Eduroam-US, we now propose that our first step toward that goal be Eduroam-US, with the originally-planned federated captive portal as the strategy for situations where the risks are too great, or where 802.1x is not a feasible technically. The captive portals are likely to take longer to implement, however, as Eduroam-US is a relatively fast implementation for many campuses.

Issues Associated with Eduroam-US

The group has identified the following issues with Eduroam-US.  UC campuses that join Eduroam-US will work to resolve these issues within the Eduroam-US structure.

  • Eduroam-US provides only minimal information to host institutions about their guests.  This will make communicating with guests difficult or impossible in the following situations:
    • A security vulnerability is suspected on a guest's computer.
    • A copyright infringement notice is received for a guest.
    • A security investigation involves a guest.
  • The 802.1x technology utilized by Eduroam-US does not support presentation of a host's local information, such as its network policy, to guests.
  • Eduroam-US does not yet have a formal set of policies governing operational issues and other interactions among its members.