> *Technically* you can have upper case characters in your outer identity (e.g.
> [log in to unmask]), underscores in the outer identity or a blank
> outer identity (e.g. @camford.ac.uk) *however* in practice you will find that
> some organisations have incorrectly implemented their RADIUS servers and
> so drop authentications which meet one or the other of those criteria.
Bear in mind, sometimes the vendor are the ones incorrectly implementing it. I know Cisco ISE wasn't exactly standards compliant in the early days, so I'm not sure how it handles underscores now.
Personally, I feel underscores are bad from a usability point of view, as many users can't figure out how to type one anyway, and in some circumstances they disappear if the text is converted to a URL automagically by something (my Outlook did, for example). I'd avoid it, I think you'll OP will have more issues internally, than with eduroam and the likes.
Regards
--
David Rickard
Infrastructure Architect
IS&T Directorate
Buckinghamshire New University
High Wycombe Campus
Queen Alexandra Road
High Wycombe
Buckinghamshire HP11 2JZ
Telephone: 01494 601 649
Facsimile: 01494 524 392
Main Switchboard: 01494 522 141, ext. 1649
bucks.ac.uk
|