Presentation is loading. Please wait.

Presentation is loading. Please wait.

Eduroam-ng TF-Mobility, Barcelona, 6 September 2005.

Similar presentations

Presentation on theme: "Eduroam-ng TF-Mobility, Barcelona, 6 September 2005."— Presentation transcript:

1 Eduroam-ng TF-Mobility, Barcelona, 6 September 2005

2 2 The current hierarchy Toplevel… ….au AA traffic goes through all intermediate entries All links are peer-to-peer agreements / static routes Authentication = authorization

3 3 Authenticate for everything? Toplevel… ….au

4 4 Service attributes Provider-id – – Service-id –SVP –A-Select –WLAN –Dial-Up –Is this too fine-grained?

5 5 The case Toplevel… ….au Where to connect? Who is going to manage that?

6 6 Towards p2p trust Diameter –Implementations not ready for production, or are they? DNSsec –New, hardly tested, requires adaptions to RADIUS servers DNSROAM+RadSec –New, limited testing experience, supported in Radiator, not (yet?) in FreeRADIUS

7 7 RadSec + DNSROAM RadSec: Secure Reliable Transport for RADIUS requests over TCP/IP using TLS –Encryption –Security –Message integrity –Strong mutual authentication DNSROAM –Use DNS service records to locate the peer

8 8 DNS-Roam? “eduroam PKI”.nl RA ….au RA RADSEC DNSsec instead?

9 9 DNS-Roam transition phase “eduroam PKI”.nl RA ….au RA RADSEC

Download ppt "Eduroam-ng TF-Mobility, Barcelona, 6 September 2005."

Similar presentations

Ads by Google