This program update was provided by WBA OpenRoaming Standards Group Chair Mark Grayson.

The OpenRoaming federation, a transformative initiative designed to enable automatic, scalable, and secure connections onto private wireless networks, continued to revolutionize roaming adoption in 2024. Let’s take a look back at the significant advances made this past year.

  • Crowdsourcing OpenRoaming Deployments

Over the past year, the WBA has continued its collaboration with Wigle (www.wigle.net), a leading platform for crowdsourcing Wi-Fi networks, to enhance its systems to enable identification of OpenRoaming deployments. In 2024, Wigle updated its query APIs to search for Roaming Consortium Organizational Identifiers (RCOIs), a crucial element of the OpenRoaming specification. These updates have been integrated into WBA’s systems, allowing the identification of OpenRoaming networks observed every 24 hours. This data is visualized in a crowdsourced map, available at OpenRoaming Maps, which was launched at WBA’s Wireless Global Congress Americas in Dallas, June 2024.

  • Updates to WBA’s Public Key Infrastructure

2024 marked a significant evolution in the certificate chains underpinning trust and security within the federation. The transition of the legacy certificate authority to WBA in 2020 laid the groundwork for securing the federation. Now, an updated certificate policy has been published, available at WBA PKI Repository, which establishes a WBA-operated root certificate authority. All backend systems have been updated with this new certificate chain, and a switch-over for issuing certificate authorities is planned for February 3 2025, by which time all deployed OpenRoaming systems will need to have their trust anchors updated. Additionally, WBA’s Agent API that allows WBA members to operate as a PKI Registration Authority has been enhanced to improve security handling while functionality has been added, enabling agents to manage OpenRoaming network configurations and request batches of certificate for equipment configuration.

  • OpenRoaming Service Assurance

In 2024, the Internet-Draft describing the federation saw further refinements. A key presentation at IETF 121 highlighted the need to share insights into Wi-Fi experiences between OpenRoaming Access Network Providers and Identity Providers. With OpenRoaming deployments often occurring in complex environments, there is an increasing need for network metric visibility. WBA’s Access Network Metrics project team is driving this work and WBA’s OpenRoaming team plans on integrating these insights into future OpenRoaming specifications. Addition updates to OpenRoaming specifications were made to streamline troubleshooting across the distributed federation. The policy associated with WBA’s Issuing Intermediate Certificate Authority now requires a contact email for troubleshooting be embedded within OpenRoaming certificates, facilitating direct issue resolution and avoiding bottlenecks in federation scaling.

  • OpenRoaming Federated Onboarding Service

March 2024 saw the publication of the OpenRoaming Federated Onboarding Services (FOS) Specification. The FOS specification details architecture, protocols, and functionalities, including oAuth/SAML support by IDPs and remote user onboarding via a global portal. The process involves selecting IDPs, verification through oAuth tokens, and profile generation for operating systems such as iOS, Android, Windows, and macOS. FOS also facilitates user authentication on OpenRoaming networks using RadSec for secure communication.

  • OpenRoaming for IoT

Significant strides were made in using OpenRoaming for IoT applications in 2024. In November, WBA published the “OpenRoaming for IoT” white paper, detailing how OpenRoaming can be paired with FIDO Device Onboard functionality for efficient, zero-touch device onboarding. The WBA team has prototyped embedding OpenRoaming Passpoint attributes into client certificates, enabling automatic functionality in IoT devices configured for EAP-TLS. Ongoing collaborations aim to drive adoption in non-smartphone use cases, with updates to the OpenRoaming specification already approved that define policies for “short-lived” IoT credentials.

  • OpenRoaming for Private 5G

In March, the OpenRoaming co-chairs, Intel and Cisco, concluded work on defining requirements for OpenRoaming concepts within 3GPP. The 3GPP TS 22.261 now includes requirements for SNPN Cellular Hotspots, facilitating connectivity similar to WLAN hotspots using 5G network technology. As stage 1 work completes, focus shifts to defining stage 3 protocol support for these use cases.

  • Join the Groundbreaking Initiative

In conclusion, OpenRoaming’s momentum continues to grow. As the co-chairs of the WBA’s OpenRoaming Standard Group, we encourage venues, vendors, service providers, and identity providers to join WBA OpenRoaming. Together, we can revolutionize global roaming adoption, paving the way for seamless and secure access on private wireless networks. The journey is ongoing, and the prospects for 2025 are promising.