cat-users AT lists.geant.org
Subject: The mailing list for users of the eduroam Configuration Assistant Tool (CAT)
List archive
Re: [[cat-users]] CAT 2.0.4 released and to be deployed on cat.eduroam.org tomorrow geteduroam
Chronological Thread
- From: Tomasz Wolniewicz <twoln AT umk.pl>
- To: cat-users AT lists.geant.org
- Subject: Re: [[cat-users]] CAT 2.0.4 released and to be deployed on cat.eduroam.org tomorrow geteduroam
- Date: Wed, 24 Feb 2021 20:50:18 +0100
- Dkim-filter: OpenDKIM Filter v2.11.0 outgoing.umk.pl BDEB92006A
Dear Colleagues,
Is it expected that all current CAT profiles will work "out-of-box" with geteduroam ?
Yes.
geteduroam can work in two ways. The first is to simply install CAT profiles either by selecting one from the internal institutions list (obtained from CAT) or by "running" the downloaded profile with the the app. The second is a part of a user provisioning system, where the users need to login to the geteduroam service and be provided with an individual configuration profile contacting a personal certificate.
At the moment we are only talking of replacing eduroamCAT app
therefore no additional CAT configuration is needed, The
networking APIs on Android are changing and eduroamCAT is no
longer maintained therefore the replacement for the newer systems
is simply required.
I hope that the geteduroam developers will be able to provide more details.
Cheers
Tomasz
At geteduroam FAQ (https://www.geteduroam.app/about/faq/)
under "How does the geteduroam app know of participating IdPs"
question it is mentioned:
"geteduroam uses CAT for the institution list. A CAT profile can
be marked as an geteduroam profile with a server URL, which then
will cause the app to initiate a flow to obtain a client
certificate instead of configuring a TTLS/PEAP profile."
And under "Creating a geteduroam profile in CAT" (https://www.geteduroam.app/idp/cat)
it is mentioned that
each CAT profile should be specifically configured to be used by
geteduroam app.
Did you test what happens if CAT profile is not reconfigured
for geteduroam (which I think is the case for many profiles now)
?
I doubt that fact "Android devices now point to the geteduroam
app rather then the legacy eduroamCAT"
may result in crashing android config.
Since geteduroam requires profile-specific configuration,
it might be better for now to have each profile owner to choose
if they want
"Android devices to point to the geteduroam app rather then the
legacy eduroamCAT" or not
-- Regards, Arthur Petrosyan | Dr. Arthur Petrosyan | -------------------------------------------------------- | Senior Scientific Researcher, Head of Network and Cloud Services Direction, | Deputy Head of Computational and Cognitive Networks Department at the | Institute for Informatics and Automation Problems /IIAP/ | National Academy of Sciences of Armenia /NAS RA/, | Academic Scientific Research Computer Network of Armenia /ASNET-AM/ | HTTP://www.asnet.am/ E-mail: arthur AT sci.am | Phone: +37410 526742 Fax: +37410 569281 | --------------------------------------------------------
The modern Android devices now point to the geteduroam app rather then the legacy eduroamCAT
Are you sure? Did you already thoroughly test this app on different mobile devices?
We thought geteduroam was in a pre-release state since we
experienced a weird interaction with other phone apps that
lead to phonebook icons overwriting.
Reproducible on at least these smartphones
Samsung Galaxy A71 SM-A715F Android 10
Samsung Galaxy A40 SM-A405FN Android 10
Please find screenshots attached.
Problem arises upon app installation and disappears on app
uninstall.
Cheers
Tomasz Wolniewicz
Hello!
It's been little while since our last update of eduroam CAT. A number of small bug fixes accumulated over time, and there are a few "mini" features that deserve cutting a release 2.0.4.
The notable features are:
- [FEATURE #1] The system now sends out
notification/alert mails if a significantly security
relevant parameter was changed. The mails go to the NRO
admin. Significant changes are:
- change of institution name
- addition of a new root CA (with more prominent WARNING if the new CA has the same DN as an existing one)
- addition of a new acceptable server name - [FEATURE #2] support negotiation of TLS versions higher than 1.0 while still rejecting SSL2 and SSL3
- [FEATURE #3] realm reachability checks now produce a WARNING level message if the EAP server does not support TLS1.2 or higher
- [FEATURE #4] check whether SRV-discovered hostname and certificate hostname match
Also, we are happy to add a new translated language:
welcome, Română (Romanian).
You can find the tarball on GitHub as usual ( https://github.com/GEANT/CAT/releases/download/v2.0.4/CAT-2.0.4.tar.bz2 ) but for most of you the most interesting question is probably when the new code will be deployed on https://cat.eduroam.org.
We have reserved a maintenance slot for that tomorrow, 1300 CET. The expected downtime is in the seconds range, so you would be particularly unlucky to notice at all.
As usual, if you notice new buggy behaviour of any sorts after the update, please let us know.
Greetings,
Stefan Winter
-- Tomasz Wolniewicz twoln AT umk.pl http://www.home.umk.pl/~twoln Uniwersteckie Centrum Informatyczne Information&Communication Technology Centre Uniwersytet Mikolaja Kopernika Nicolaus Copernicus University, pl. Rapackiego 1, Torun pl. Rapackiego 1, Torun, Poland tel: +48-56-611-2750 tel kom.: +48-693-032-576
-- ------------------------------------------- Daniele Albrizio Università degli Studi di Trieste | University of Trieste Ufficio Reti di Ateneo | University Networks Office Via Alfonso Valerio 12 - 34127 Trieste (Italy) daniele.albrizio AT units.it Tel. | Ph. +39 040 558 3319To unsubscribe, send this message: mailto:sympa AT lists.geant.org?subject=unsubscribe%20cat-users
Or use the following link: https://lists.geant.org/sympa/sigrequest/cat-users
-- Tomasz Wolniewicz twoln AT umk.pl http://www.home.umk.pl/~twoln Uniwersteckie Centrum Informatyczne Information&Communication Technology Centre Uniwersytet Mikolaja Kopernika Nicolaus Copernicus University, pl. Rapackiego 1, Torun pl. Rapackiego 1, Torun, Poland tel: +48-56-611-2750 tel kom.: +48-693-032-576
Attachment:
smime.p7s
Description: Kryptograficzna sygnatura S/MIME
- [[cat-users]] CAT 2.0.4 released and to be deployed on cat.eduroam.org tomorrow, Stefan Winter, 02/24/2021
- Re: [[cat-users]] CAT 2.0.4 released and to be deployed on cat.eduroam.org tomorrow, Tomasz Wolniewicz, 02/24/2021
- Re: [[cat-users]] CAT 2.0.4 released and to be deployed on cat.eduroam.org tomorrow, Daniele Albrizio, 02/24/2021
- Re: [[cat-users]] CAT 2.0.4 released and to be deployed on cat.eduroam.org tomorrow geteduroam, Arthur Petrosyan, 02/24/2021
- Re: [[cat-users]] CAT 2.0.4 released and to be deployed on cat.eduroam.org tomorrow geteduroam, Tomasz Wolniewicz, 02/24/2021
- Re: [[cat-users]] [External] Re: CAT 2.0.4 released and to be deployed on cat.eduroam.org tomorrow, Hunter Fuller, 02/24/2021
- Re: [[cat-users]] CAT 2.0.4 released and to be deployed on cat.eduroam.org tomorrow, Paul Dekkers, 02/25/2021
- Re: [[cat-users]] CAT 2.0.4 released and to be deployed on cat.eduroam.org tomorrow, Guy Halse, 02/25/2021
- Re: [[cat-users]] CAT 2.0.4 released and to be deployed on cat.eduroam.org tomorrow geteduroam, Arthur Petrosyan, 02/24/2021
- Re: [[cat-users]] CAT 2.0.4 released and to be deployed on cat.eduroam.org tomorrow, Daniele Albrizio, 02/24/2021
- Re: [[cat-users]] CAT 2.0.4 released and to be deployed on cat.eduroam.org tomorrow, Stefan Winter, 02/25/2021
- Re: [[cat-users]] CAT 2.0.4 released and to be deployed on cat.eduroam.org tomorrow, Daniele Albrizio, 02/25/2021
- Re: [[cat-users]] CAT 2.0.4 released and to be deployed on cat.eduroam.org tomorrow, Stefan Winter, 02/25/2021
- [[cat-users]] CAT 2.0.4 installed, Tomasz Wolniewicz, 02/25/2021
- Re: [[cat-users]] CAT 2.0.4 released and to be deployed on cat.eduroam.org tomorrow, Paul Dekkers, 02/25/2021
- Re: [[cat-users]] CAT 2.0.4 released and to be deployed on cat.eduroam.org tomorrow, Stefan Winter, 02/25/2021
- Re: [[cat-users]] CAT 2.0.4 released and to be deployed on cat.eduroam.org tomorrow, Stefan Winter, 02/25/2021
- Re: [[cat-users]] CAT 2.0.4 released and to be deployed on cat.eduroam.org tomorrow, Daniele Albrizio, 02/25/2021
- Re: [[cat-users]] CAT 2.0.4 released and to be deployed on cat.eduroam.org tomorrow, Tomasz Wolniewicz, 02/24/2021
Archive powered by MHonArc 2.6.19.