[OpenID - Eu] Privacy and Security Risks when Authenticating on the Internet with European eID

Robert Ott ott at jnet.ch
Sat Dec 19 12:12:38 UTC 2009


We are currently in the process of bringing OpenID to attention with regards to SuisseID (http://www.suisseid.ch). Currently, the SuisseID specification solely defines SAML to be used for that purpose. I'm sure we'll be able to bridge that SAML protocol to OpenID give SuisseID users the possibility to broader use theirs SuisseID for all OpenID enabled sites.

Regards

Robert

On 19.12.2009, at 13:00, openid-eu-request at lists.openid.net wrote:

> Send eu mailing list submissions to
> 	openid-eu at lists.openid.net
> 
> To subscribe or unsubscribe via the World Wide Web, visit
> 	http://lists.openid.net/mailman/listinfo/openid-eu
> or, via email, send a message with subject or body 'help' to
> 	openid-eu-request at lists.openid.net
> 
> You can reach the person managing the list at
> 	openid-eu-owner at lists.openid.net
> 
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of eu digest..."
> 
> 
> Today's Topics:
> 
>   1. Privacy and Security Risks when Authenticating on the
>      Internet with European eID Cards (Henrik Biering)
>   2. Re: Privacy and Security Risks when Authenticating on	the
>      Internet with European eID Cards (Martin Paljak)
>   3. Re: Privacy and Security Risks when Authenticating on	the
>      Internet with European eID Cards (Nat Sakimura)
> 
> 
> ----------------------------------------------------------------------
> 
> Message: 1
> Date: Fri, 18 Dec 2009 14:35:14 +0100
> From: Henrik Biering <hb at netamia.com>
> Subject: [OpenID - Eu] Privacy and Security Risks when Authenticating
> 	on the Internet with European eID Cards
> To: openid-eu at lists.openid.net
> Message-ID: <4B2B8512.8060100 at netamia.com>
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
> 
> ENISA has recently published a new report on:
> Privacy and Security Risks when Authenticating on the Internet with 
> European eID Cards
> http://www.enisa.europa.eu/act/it/eid/eid-online-banking
> 
> It references several other documents, including a previous report:
> Privacy Features of European eID Card Specifications
> http://www.enisa.europa.eu/act/it/eid/eid-cards-en
> 
> Best Regards,
> Henrik Biering
> =henrik
> 
> 
> 
> ------------------------------
> 
> Message: 2
> Date: Fri, 18 Dec 2009 16:39:25 +0200
> From: Martin Paljak <martin at paljak.pri.ee>
> Subject: Re: [OpenID - Eu] Privacy and Security Risks when
> 	Authenticating on	the Internet with European eID Cards
> To: Henrik Biering <hb at netamia.com>
> Cc: openid-eu at lists.openid.net
> Message-ID: <DF34BFE5-19B0-48F5-A789-5C0A1DCEE67D at paljak.pri.ee>
> Content-Type: text/plain; charset=us-ascii
> 
> 
> On 18.12.2009, at 15:35, Henrik Biering wrote:
> 
>> ENISA has recently published a new report on:
>> Privacy and Security Risks when Authenticating on the Internet with European eID Cards
>> http://www.enisa.europa.eu/act/it/eid/eid-online-banking
> 
> As we can see, there is no real adoption or probably even knowledge (on how to apply) of OpenID on that level.
> 
> But there is a single mention of OpenID(.ee)!
> 
> -- 
> Martin Paljak
> http://martin.paljak.pri.ee
> +372.515.6495
> 
> 
> 
> 
> 
> 
> ------------------------------
> 
> Message: 3
> Date: Sat, 19 Dec 2009 11:51:31 +0900
> From: Nat Sakimura <sakimura at gmail.com>
> Subject: Re: [OpenID - Eu] Privacy and Security Risks when
> 	Authenticating on	the Internet with European eID Cards
> To: Martin Paljak <martin at paljak.pri.ee>
> Cc: openid-eu at lists.openid.net
> Message-ID:
> 	<bf26e2340912181851m723dbaeavb83acf5644d0bd12 at mail.gmail.com>
> Content-Type: text/plain; charset=ISO-8859-1
> 
> As I understand, Lithuania is doing something on the national level.
> Any updates on those?
> 
> =nat
> 
> On Fri, Dec 18, 2009 at 11:39 PM, Martin Paljak <martin at paljak.pri.ee> wrote:
>> 
>> On 18.12.2009, at 15:35, Henrik Biering wrote:
>> 
>>> ENISA has recently published a new report on:
>>> Privacy and Security Risks when Authenticating on the Internet with European eID Cards
>>> http://www.enisa.europa.eu/act/it/eid/eid-online-banking
>> 
>> As we can see, there is no real adoption or probably even knowledge (on how to apply) of OpenID on that level.
>> 
>> But there is a single mention of OpenID(.ee)!
>> 
>> --
>> Martin Paljak
>> http://martin.paljak.pri.ee
>> +372.515.6495
>> 
>> 
>> 
>> 
>> _______________________________________________
>> eu mailing list
>> eu at lists.openid.net
>> http://lists.openid.net/mailman/listinfo/openid-eu
>> 
> 
> 
> 
> -- 
> Nat Sakimura (=nat)
> http://www.sakimura.org/en/
> http://twitter.com/_nat_en
> 
> 
> ------------------------------
> 
> _______________________________________________
> eu mailing list
> eu at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-eu
> 
> 
> End of eu Digest, Vol 28, Issue 17
> **********************************



More information about the eu mailing list