eduroam

Advisory issued by eduroam.OT 08/04/2014 It has come to our attention that there are vulnerabilities in the relatively new 1.0.1-series of OpenSSL (as detailed by http://heartbleed.com/) affecting TLS enabled services via a heartbeat extension. While there are no indications that this affects TLS-based EAP-mechanisms or RADIUS/TLS (aka RadSec) at this time, the operational team has made the decision to upgrade OpenSSL to versions implementing a fix for CVE-2014-0160

TLS 1.2 and updated RADIUS requirements

alan buxey

12 November 2015 at 7:12pm

eduroam

TLS 1.2

upgrade

TL;DR - TLS 1.2 negotiation in forthcoming OS releases require sites running RADIATOR, FreeRADIUS 2 and FreeRADIUS 3 to upgrade, NPS sites may need reconfiguring. Overview

FreeRADIUS Best Current Practice Configuration for eduroam

Edward Wincott

13 July 2015 at 3:41pm

FreeRadius

FreeRADIUS demystified

eduroam

Author - Dr Alan Buxey 27/2/2012

Jun 15: The West Yorkshire Hospitals eduroam project – NHS Trusts as eduroam members (visited site) - Gareth Frith

Malcolm Teague

11 June 2015 at 11:26am

Gareth Frith is base at the Leeds Institute of Medical Education (LIME) at Leeds University and he describes the innovative project in West Yorkshire to enable 9 NHS Trusts join eduroam as visited sites, thus enabling eduroam for clinical placement students and visiting/in situ academics. This is a new approach - the Trust uses their own commercial internet connection to facilitate the connectivity for both the authentication and resultant internet access, i.e. separate from N3. Clive Gwyther is the consultant that has worked directly with the Trusts on the implementations.