Difference between revisions of "EIDAS 2.0"
(→References) |
|||
| Line 14: | Line 14: | ||
==Problems== | ==Problems== | ||
[[File:EIDAS not trustworthy.jpg]] | [[File:EIDAS not trustworthy.jpg]] | ||
| + | |||
| + | ===Comments from IIW 2023-04--- | ||
| + | from 0- Giuseppe | ||
| + | Working on the next release of the ARF (1.2) [Architectural Reference Framework]. Tech spec that must be adopted in the EIDAS system | ||
| + | User stories from the Italian Delegation -- https://docs.google.com/document/d/1SLoEHBLcsPJ-TCt9iIBCCGk4CzXehFn0ijswMBPUbFY/edit | ||
| + | References OIDC4VP, OIDC4VCI, SIOPv2, Selective disclosure JWTs | ||
| + | Specified specs for online and offline use cases | ||
| + | Working on the details of the trust model | ||
| + | Also pushing OpenID Connect Federation as part of the trust model | ||
| + | Have the wallet ecosystem leverage OpenID Connect Federation | ||
| + | Won't use only x509 | ||
| + | Revocation list is another area that needs more specification | ||
| + | Some discussion on revocation lists (status list) - Christian | ||
| + | Tobias working on a proposal - Christian | ||
| + | targeting IETF for this work - Christian | ||
| + | Status-list uses JSON LD - Giuseppe | ||
| + | Need "official" specs not just individual drafts | ||
| + | x509 (?) Trusted list | ||
| + | More interested in OpenID Federation trust chain - Giuseppe | ||
| + | Trust Management - Christian | ||
| + | small session at IIW | ||
| + | an area that still needs work across the industry | ||
| + | Italian Delegation shared doc - Giuseppe - https://docs.google.com/document/d/1uL61cfbFsOxC9zMJV81iTTUc7ZOv_WFgLD5Ruyr_fJ8/edit# | ||
| + | Working with European Blockchain group for digital identity to propose an API based on OpenID Federation - Giuseppe | ||
| + | TLS is not sufficient for trust | ||
==References== | ==References== | ||
[[Category: Regulation]] | [[Category: Regulation]] | ||
Revision as of 20:40, 7 May 2023
Contents
Full Title
Electronic Identification, Authentication and Trust Services (eIDAS)
Context
European Identifier Standards
eIDAS (electronic IDentification, Authentication and trust Services) is an EU regulation on electronic identification and trust services for electronic transactions in the European Single Market. It was established in EU Regulation 910/2014 of 23 July 2014. All organizations delivering public digital services in an EU member state must recognize electronic identification from all EU member states from September 29, 2018.
European Digital Identity (EUDI)
The European Digital Identity is based on a European Commission document called “European Digital Identity Architecture and Reference Framework” that has established the functional and architectural requirements for an upcoming European Digital Identity Wallet.
Problems
===Comments from IIW 2023-04---
from 0- Giuseppe Working on the next release of the ARF (1.2) [Architectural Reference Framework]. Tech spec that must be adopted in the EIDAS system User stories from the Italian Delegation -- https://docs.google.com/document/d/1SLoEHBLcsPJ-TCt9iIBCCGk4CzXehFn0ijswMBPUbFY/edit References OIDC4VP, OIDC4VCI, SIOPv2, Selective disclosure JWTs Specified specs for online and offline use cases Working on the details of the trust model Also pushing OpenID Connect Federation as part of the trust model Have the wallet ecosystem leverage OpenID Connect Federation Won't use only x509 Revocation list is another area that needs more specification Some discussion on revocation lists (status list) - Christian Tobias working on a proposal - Christian targeting IETF for this work - Christian Status-list uses JSON LD - Giuseppe Need "official" specs not just individual drafts x509 (?) Trusted list More interested in OpenID Federation trust chain - Giuseppe Trust Management - Christian small session at IIW an area that still needs work across the industry Italian Delegation shared doc - Giuseppe - https://docs.google.com/document/d/1uL61cfbFsOxC9zMJV81iTTUc7ZOv_WFgLD5Ruyr_fJ8/edit# Working with European Blockchain group for digital identity to propose an API based on OpenID Federation - Giuseppe TLS is not sufficient for trust
