The mailing list for users of the eduroam Configuration Assistant Tool (CAT)

[IAM David Bantz <dabantz AT alaska.edu>]

I've attempted to find institutions' instructions for manually configuring eduroam supplicants (because I have been charged to provide alternatives to present to users in addition to using CAT installers). I don't know whether I should be surprised, but essentially all instances I found omit designating the authentication service and verifying trust of the certificate it presents. It will be a little hard to maintain a firm stance for locking down these configurations if folks can point to other prestigious institutions that offer a simple "enter your netID and password" and click "automatically connect" as a way of configuring eduroam on their devices. 

Can anyone point me to detailed manual eduroam configuration instructions (particularly for Windows 10, as our CAT installer is failing to enable connecting with a certificate trust issue described in other posts)?

Have there been cases "in the wild" of fake eduroam SSIDs or MiM capturing users' credentials from insecurely configured supplicants? An example will likely carry more weight than only a technically possible risk.

Why are institutions advertising unsecured configurations? 

Thank you,

David Bantz

U Alaska