...
Benn reported there is no update at this time on the Failed authentication -auth-attempts-counter work. However, there was discussion of this topic at Advance CAMP: https://spaces.at.internet2.edu/display/ACAMPScribe2013/Tues+4.15pm+Monterey
...
Mary reported that Virginia Tech was certified under v 1.1 and is required to move to v 1.2 per the earlier announcement to the community.
Several issues around approved algorithms have required review as part of the 1.2 certification.
Concerning the SHA-1 issue, the hope is that the SP 's with which the Virginia Tech users interact will support SHA -2.
There is an effort to identify the relevant SP's for the VA Tech users and be sure those SP's can support SHA-2
Then VA Tech will implement the plug-in for SHA-2.
...
Use of eduroam is of interest at U. Florida. It was noted that eduroam does not ask for an AuthnContext, rather eduroam authentication is done via RADIUS servers.Ann noted that eduroam is a credential consumer (not a provider), so it does not fall under our current assurance program, but it does fall within the framework.
Mary commented that Virginia Tech does not use eduroam (they use another wireless server), and the use of RADIUS servers was considered a roadblock to use of eduroam. Ann mentioned that a some schools have separate passwords for their wireless service. Va Tech does this too.
====
Lee Trant reported that U. of Nebraska Medical Center has recently submitted documentation for Bronze certification.
The issues with SHA-1 and SHA-2 are of interest and it will be useful to discuss those on the "Reading Bronze" calls.
Ann noted the U. of Nebraska bronze application has been received by the AAC InCommon and a response will be forthcoming.
...