Teaching eduroam users to securely use the eduroam infrastructure is complicated and must be done on a home-institutional basis due to varying configurations. There are several details in the use of eduroam which can be confusing as well. The end-user configuration section of this Administrator Guide has some information.
The security of the eduroam infrastructure as a whole is a top-priority. Enhancing and maintaining the security of the infrastructure is of particular interest to the eduroam-US team.
- An excellent paper by Jan Tomášek: Effects of Incorrect EAP Termination in eduroam
- An overview of wireless security with 802.1x by Steve Riley: Wireless LAN Security with 802.1x, EAP-TLS, and PEAP
Research in the security of eduroam is ongoing. If you find security issues within the system or have suggestions on ways to solve known problems, please email firstname.lastname@example.org.