Any chance of a link to specs showing how it is done? Might be something that maybe deserves to see wider use. On Sat, Jul 24, 2010 at 9:19 AM, IETF Chair <chair@xxxxxxxx> wrote: > eduroam (education roaming) is the secure, world-wide roaming access > service developed for the international research and education > community. eduroam allows students, researchers and staff from > participating institutions to obtain Internet connectivity across campus > and when visiting other participating institutions by simply opening > their laptop. Since we expect a reasonable attendance at IETF from > eduroam-connected sites, IETF participants with an eduroam account > configured, should get connected to the wireless network right away with > their usual credentials. > > Enjoy, > Russ > > On 6/30/2010 5:55 PM, IETF Chair wrote: >> I am writing to let you know about a change in the IETF meeting network. >> At IETF 79 in Beijing, the IETF network will be connected to the open >> Internet with absolutely no filtering. However, we have agreed with our >> hosts that only IETF meeting participants will have access to the >> network. Following sound engineering practices, we will deploy >> admission control mechanisms as part of the IETF 78 meeting network in >> Maastricht to ensure that they are working properly before they are >> mission critical. >> >> I am writing to let you know what to expect in both Maastricht and Beijing. >> >> >> ADMISSION CONTROL CREDENTIALS >> >> To gain access to the IETF network, you will need to provide a >> credential. Your primary credential will be your registration ID. You >> can find your registration ID on the registration web page, in the >> response email confirmation you received from the Secretariat, on your >> payment receipt, and on the back of your IETF meeting badge. Your >> Registration ID will be your user name, and it will be used with a >> password that will be provided at a later date. This same password will >> be used by all attendees. >> >> We recognize that IETF 78 registration IDs are very easy to guess. We >> expect to use less easily guessed registration IDs for IETF 79. >> >> If for any reason you are uncomfortable using your Registration ID, >> there will be a supply of completely anonymous Registration ID/Password >> pairs on slips of paper available at the help desk and registration >> desk. You will be asked to show an IETF meeting badge to ensure that >> slips are only provided to registered meeting attendees. >> >> Each set of credentials will allow up to three separate MAC addresses on >> the network, allowing attendees to use the same credential for their >> laptop, phone, or other devices. The limit is to prevent the leak of a >> single credential from undermining the entire system. >> >> >> GAINING ACCESS TO THE NETWORK >> >> The primary mechanism to gain access to the wireless network will be >> either the "ietf.1x" or "ietf-a.1x" SSID. These will be configured with >> WPA1 and WPA2 Enterprise. You simply provide your credentials to your >> supplicant software for authentication to the network. I personally >> encourage you to use WPA2 over WPA1 if your software and hardware >> support both. >> >> If your software does not support WPA Enterprise, you can use the >> captive portal. To use this portal, associate with either the >> "ietf-portal" or "ietf-a-portal" SSID. Upon initial connection, >> Internet connectivity will be blocked. Simply open a browser and go to >> any web site, just like many hotel networks, and you will be redirected >> to a portal page where you can enter your credentials. Once the >> credentials are validated, your MAC address will have unrestricted >> access to the network for some period of time. The portal page will >> also have links to the internal wiki page with helpful information as >> well as a way to create trouble tickets prior to authentication. >> >> If your small devices does not support WPA Enterprise and does not have >> a browser, then you will be able to visit the help desk and register the >> device MAC address for access to the network. If you need to register >> your device, please know the MAC address of your device before you show >> up at the help desk. >> >> >> FALLBACK PLAN >> >> Implementing this plan at IETF 78 in Maastricht is important, but >> obviously not without risk. The IEEE 802.1X-based access mechanisms >> have been well tested at previous meetings, and this mechanism is not >> likely to be a source of trouble. The captive portal, however, is a >> greater unknown. Please use the WPA SSIDs if at all possible to reduce >> the load on the portal machines. If the portals do experience problems, >> the NOC team will implement a backup plan. The backup plan will only be >> used as a last resort as the backup plan will not be an option at IETF >> 79 in Beijing. >> >> >> Safe Travel and Best Wishes, >> Russ Housley >> IETF Chair >> >> _______________________________________________ >> Ietf mailing list >> Ietf@xxxxxxxx >> https://www.ietf.org/mailman/listinfo/ietf >> > _______________________________________________ > Ietf mailing list > Ietf@xxxxxxxx > https://www.ietf.org/mailman/listinfo/ietf > -- Website: http://hallambaker.com/ _______________________________________________ Ietf mailing list Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf