This document describes the content that should be included in an ‘eduroam service information’ web page on a publicly accessible web site for all participating organisations – as required in the eduroam(UK) Technical Specification.

Content Overview and Accessibility

There is a certain mandatory minimum information content defined in the Technical Specification as described below. This is followed by recommended content. Note that Visited organisations’ eduroam service information web pages are subject to more extensive requirements than those for Home sites.

The web page(s) should include sufficient ‘how to get started’, ‘how to use’, ‘where to get support’ and ‘policies and responsibilities’ information to enable the organisation’s own users and visitors to the organisation to gain maximum benefit from the service during their time at the organisation and whilst visiting other eduroam-enabled sites.

The web page(s) must be accessible from the Internet (and in cases where Internet access is limited, from the organisation’s internal network). It is recommended that Visited organisations should ensure that their eduroam service information website is accessible using small form-factor devices such as PDAs.

In recognition that participating organisations have differing approaches to the publication of material on their web sites and to keep the mandatory requirements as simple as possible, this guide separates out the key mandatory information from the more comprehensive information that we recommend is included on the info page, as follows:

• Common mandatory minimum content for both Home and Visited service providers (A)
• Additional mandatory minimum content for Home sites (B)
• Additional mandatory minimum content for Visited sites (C)
• Recommended additional content for both Home and Visited service providers (D)

eduroam Information Pages Content

A) Minimum content for both Home and Visited service providers:

• The type of eduroam service being provided at the site, Home and/or Visited and the operational status of the service. (It is essential that users are able to form accurate expectations of the service being provided by the organisation).
• The text of, or a link to, the participating organisation’s acceptable use policy (AUP), where applicable.
• A link to the eduroam(UK) Policy must be included
• The eduroam logo linking to the European eduroam website (www.eduroam.org)

B) Additional minimum content applicable to Home (Identity) service providers:

• A link to the eduroam(UK) web site Where you can use eduroam in the UK  page (https://community.jisc.ac.uk/library/janet-services-documentation/where-can-i-eduroam-uk). (To provide users with a way of finding out which other organisations offer eduroam and service information at those locations).
• A statement requiring users to remove the eduroam profile from their devices when their association with the organisation ends.

C) Additional minimum content applicable to Visited participant:

• A Visited organisation must provide sufficient information to enable visitors to identify where the service is available and how to access the service; at a minimum this must include the locations covered and requisite wireless cipher settings.
• If the organisation has deployed an application or interception proxy on their eduroam network, the following information must be included: a statement that a proxy is in place and if the proxy is not transparent, documentation on the configuration of applications to use the proxy.

[Nb. We recommend that Visited organisations should not deploy application or ‘interception’ proxies on the visitor network. This is because applications commonly require special configuration to use a proxy, which reduces usability and may increase the support burden. The presence of a proxy may also break some applications. Likewise ‘interception’ proxies, often used by intrusion and virus detection systems, may result in the user experiencing unexpected network behaviour].

D) Recommended content applicable for both Home and Visited participants:

• We recommend that the web site contains introductory text about eduroam, describing basically what eduroam provides for your staff and students.
• Most importantly, Home organisations should describe how users can configure 802.1X on their laptops and other devices and if necessary download 802.1X supplicants and client certificates (or get support with these tasks) and how to update certificate Trusted Root CAs/Intermediate lists for your ORPS server certificate (if necessary).
• Home organisations also need to provide instructions for users on how to connect to eduroam networks using their network credentials for wired and wireless client devices. This is particularly relevant for Home-only organisations where roaming username may be different from the username for the local network (i.e. roaming credentials include realm component).
• In addition Home organisations could add information about the applications that are offered to remotely authenticated users, e.g. web mail, VPN.
• It is important that users should be advised that if they require support at a remote site they should contact their Home site in the first instance, unless the problem is clearly a Visited site WLAN failure.
• Visited organisations may wish to publish details of any IP filtering policies they impose on their eduroam network. This will be helpful for visitors in understanding why certain applications may not work on your eduroam network. It may also assist Home organisations in supporting their users without needing to contact local support staff at the Visited organisation.