Skip to Content.
Sympa Menu

cat-users - Re: [[cat-users]] CAT access from guest network

cat-users AT lists.geant.org

Subject: The mailing list for users of the eduroam Configuration Assistant Tool (CAT)

List archive

Re: [[cat-users]] CAT access from guest network


Chronological Thread 
  • From: Tom Ivar Myren <tom.myren AT uninett.no>
  • To: Stefan Winter <stefan.winter AT restena.lu>, "A.L.M.Buxey AT lboro.ac.uk" <A.L.M.Buxey AT lboro.ac.uk>
  • Cc: "cat-users AT lists.geant.org" <cat-users AT lists.geant.org>
  • Subject: Re: [[cat-users]] CAT access from guest network
  • Date: Wed, 15 Feb 2017 10:02:40 +0000
  • Accept-language: en-US, nb-NO


> 14. feb. 2017 kl. 14.37 skrev Stefan Winter
> <stefan.winter AT restena.lu>:
>
> Hi,
>
>> ummm..okay. so, this is documented...just need to give access to
>> cat.eduroam.org (A record, AAAA
>> coming...) - but for Android you also need the google play store access -
>> which is a rather large
>> and changing list..... and *then* there are some other issues
>>
>>
>> 1) some federations dont use car.eduroam.org - they use their own version
>> of CAT - so you will need
>> to poke holes for those too (and I dont recally there being a directory of
>> those instances....)
>>
>> 2) some sites dont allow their profiles to be downloaded from CAT - they
>> keep their own profiles
>> locally (so that, for example, they are known/tested and any change to CAT
>> doesnt mean that their
>> users are now all getting untested profiles with new features.....) so
>> those would also have to be allowed
>
> not to forget 3)
> CRL and OCSP hosts to validate the HTTPS certificate on cat.eduroam.org.
>
> Stefan
>
>
Thanks for your feedback.
The case here was an institution that wants to convert from having profiles
stored on local server to using CAT directly.
Using ACL’s with ip addresses will of course be a challenge.

And we can see CAT now do have ipv6 :-)

/Tom


Archive powered by MHonArc 2.6.19.

Top of Page