Download as PDF
Article
You will no doubt have already received advisories about vulnerabilities in the 1.0.1-series of OpenSSL[1] affecting TLS enabled services via the heartbeat extension.
The advice for Moonshot is very similar to an advisory you may have received from eduroam[2].
While there are no indications that CVE-2014-0160[3] is being actively exploited via TLS-based EAP-mechanisms or RADIUS/TLS (aka RadSec) at this time, the software used by Moonshot *is* vulnerable to a "heartbleed" attack.
Article
Those of you who have been following Moonshot for a while will be aware that from the outset we have been keen to get the technology adopted as a standard. Thanks to the hard work of the Application Bridging for Federated Access Beyond web (ABFAB) Working Group of the IETF, December saw an important milestone with the publication of three Moonshot-related RFC documents:
RFC 7055
Title: A GSS-API Mechanism for the Extensible Authentication Protocol
Author: Author: S. Hartman, Ed., J. Howlett
Article
General enquiries
The Project Manager is John Chapman. Please feel free to get in touch if you have any questions or require further information.
Getting started
Article
On 14th March 2013 Sam and Margaret from Painless Security hosted a Bar BOF meeting at IETF 86 to begin the process that will hopefully lead to the standardisation of Trust Router.
Article
** Note - this article refers to an old release. Trust Router v1.0 can be found via https://community.ja.net/groups/moonshot/article/trust-router-v10-now-available **
Be one of the first people in the world to run your very own trust router!
Article
On 14 November 2012 Janet hosted an online briefing on Moonshot, providing information on use cases, benefits, deployment requirements and introducing the Janet Moonshot Service Pilot that will launch in April 2013.
Article
We would like to invite you to participate in a Janet service pilot, to trial Moonshot technology at your organisation. The pilot will begin on 2 April 2013, and run for 18 months.
Article
As announced at moonshot-community@jiscmail.ac.uk Trust Router 1.0 was officially released (and tagged in the git repository) this week.
The following features have been added since the beta release:
Article
Rhys and I have spent this week at the Internet2 Fall Members meeting in Philadelphia where there has been a lot of discussion about Moonshot.
Article
In issue 21 of Janet News, published in June 2013, Dr Rhys Smith describes the technologies used in Moonshot and outlines the steps that take place when an application uses Moonshot for authentication.
Prev | Next