[OpenID-Specs-eKYC-IDA] Issue #1229: restricte_id in claims (openid/ekyc-ida)

AxelNennker issues-reply at bitbucket.org
Thu Feb 11 16:03:46 UTC 2021


New issue 1229: restricte_id in claims
https://bitbucket.org/openid/ekyc-ida/issues/1229/restricte_id-in-claims

Axel Nennker:

When a German eID or eAT \(residence permit\) is electronically read a restricted\_id can be created if the reader requests it.

The restricted\_id is bound to the card and the reader.

Every time the card is read the same restricted\_id is created.

This is like an OpenID Connect PPID or Mobile Connect PCR.

The restricted\_id should be stored in the claim.

Deutsche Telekom is using restricted\_id when reading eIDs according to TKG §111.

References in German:  
[https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/TechnischeRichtlinien/TR03127/BSI-TR-03127.pdf?\_\_blob=publicationFile&v=2](https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/TechnischeRichtlinien/TR03127/BSI-TR-03127.pdf?__blob=publicationFile&v=2)

[https://www.gesetze-im-internet.de/tkg\_2004/\_\_111.html](https://www.gesetze-im-internet.de/tkg_2004/__111.html)

‌




More information about the Openid-specs-ekyc-ida mailing list