Group administrators:
Recent members:
eduroam(UK) Technical Specification v1.3
17 April 2014 at 4:38pm
MS Word version can be downloaded from icon above.
The document can also be found in the eduroam section of Community in the Documentation area.
Changes from version 1.2
- The discussion of participation models in chapter 2, Common Requirement and Recommendations, has been expanded in the interest of clarification and to illustrate that it is possible for a service to be provided on an out-sourced basis or on a completely managed basis.
- Requirement 6, the stipulation of a six months maximum retention period for RADIUS logs has been deleted since the maximum retention period is a matter decided by the participant's general data protection compliance or other policy.
- Wording added to the discussion section 2.3.2 to provide the reasoning behind removal of the maximum period for log keeping and to indicate best practice together with emphasising the reference to the Janet technical guide on logging. Minor wording changes also made to the first paragraph on time reference to improve readability.
- Requirement 32, non-local realm name defined to describe names other than those associated with the local participating organisation or partners of an organisation providing a managed service. Authentication requests containing user names with such non-local realm must be forwarded to the NRPS but forwarding of requests containing local realm names to the NRPS is explicitly prohibited.
- Requirement 35 and 36 expanded to include partner organisations in relation to administration of DNS domains from which realms are derived.
- New Requirement 37 inserted to mandate forwarding of local authentication requests directly to a partner organisation’s Home RADIUS servers where a Visited service is provided in partnership with another organisation, for instance by a managed service provider, and to prohibit forwarding by the managed service provider of such authentication requests to the NRPS.
- New Requirement 38 inserted to prohibit forwarding of requests between multiple partners where the partners are independent eduroam participants; i.e. bypassing the NRPS for authentications between partner organisations is prohibited. Note, this does not proscribe inter-organisation authentication between members of an association of co-operating organisations in which the association is a member of eduroam(UK) but individual organisations are not members in their own right.
- Requirement 37 renumbered to 39 and all subsequent requirements to 54 incremented by 2.
- Appendices updated.