eduroam Development VC Minutes 2025-11-04

Attendance

Attendees

  • Stefan Winter (RESTENA)
  • Anders Nilsson (SUNET)
  • Zbigniew Ołtuszyk (PSNC)
  • Donald Coetzee (TENET)
  • Louis Twomey (HEAnet)
  • Tomasz Wolniewicz (PCSS)
  • Ed Kingscote (CANARIE)
  • Paul Dekkers (SURF)
  • Ed Wincott (Jisc)
  • Janos Mohacsi (Pro-M)
  • Janfred Rieckers (DFN)
  • Maja Górecka-Wolniewicz (PCSS)

Regrets

  • Frederic Gerber (Switch)
  • Stefan Paetow (Jisc)

Agenda / Proceedings

  1. Welcome / Agenda Bashing

  2. CAT

  • 2.2.1 release plans
  • The VC is blocking Tomasz from getting work done.
  • i.e. will happen today
  • list of changes to be sent to CAT mailing list
  1. geteduroam
  • business as usual (new releases in the last few months, uneventful)
  • Apple App Store and Microsoft Store continue to be difficult
  • Alternative App Stores? also has problems because of per-install fees
  1. IETF
  • November meeting happening now
  • Many updates being done to TLSbis
  • initial Protocol-Error implementation in FreeRADIUS and radsecproxy. Agreement from Cisco to at least test
  • Discussion of RADIUS over QUIC is at least promising. Work currently starting. Promising because no head-of-line blocking.
  • emu: TEAP still going ahead, new developments in the space likely to happen inside that (as TEAPv2)
  1. WFA
  • RADSec as a part of future WPA3 “requirements” Preferably both Certbased and TLS/PSK.
  • Lobbying for EAP-TLS 1.3 support being mandatory (maybe TEAPv2?)
  • Apple is proposing a local provisioning of certificates for EAP-TLS, using a CA on the AP. ???
  1. OpenRoaming / WBA
  • WBA Liason statement to IETF supporting many ongoing and future drafts
  • Will likely have an official IETF / WBA liason.
  1. AOB
  • 802.11 WG bt. (When do we have to start thinking about Quantum resilience?)
  • AES relatively safe against quantum (migrating from AES128 to 192 or 256 is a good idea unrelated to quantum, today, but no quantum specific threat)
  • asymetric crypto NOT safe (both RSA and ECC may be subject to QC, Shor’s algorithm
  • hybrid or PQC certs are
    • much larger in size and unclear how to stuff that into an EAP exchange
    • not standardised yet
  1. Next VC
    • 16 Dec 2025, 1530 CET
  • No labels