20150918 - Meeting minutes, Friday, September 18th, 2015 - OpenNCP integration with eID
OpenNCP integration with eID
Estimated - 15:00 to 16:00 CEST
Performed - 15:00 to 16:00 CEST
AGENDA
a) Status of eID
b) Next Steps
- Wiki+ WorkBench + AdobeConnect
- AdobeConnect:
http://ec-wacs.adobeconnect.com/openncp/
Room Passcode: ask Rui Alves (Unlicensed) or markus.kalliola
----------------
If you have never attended an Adobe Connect meeting before:
Test your connection: http://ec-wacs.adobeconnect.com/common/help/en/support/meeting_test.htm
Get a quick overview: http://www.adobe.com/products/adobeconnect.html
Adobe, the Adobe logo, Acrobat and Adobe Connect are either registered trademarks or trademarks of Adobe Systems Incorporated in the United States and/or other countries.
----------------
PARTICIPANTS
Today's Meeting Participants:
@Alice Vasilescu (DG-DIGIT - eID)
[Apologizes] Daniele Crespi
Invited Members List:
@Robert Scharinger
@Tomé Vardasca
MEETING NOTES
0. Overview
Work Scope
- Understand the scope of the integration of eID (from e-SENS) into OpenNCP.
- Time Scope:
OpenNCP Release with LARMS integrated (Level 1) until End of July - Integrated.
OpenNCP Release with LAM integrated (Level 2) - ??
1. Relevant Documentation (What's gathered so far)
- e-SENS Video: Short demonstration of the eID use-case from e-SENS (LARMS): to be made available.
- e-SENS eHealth - eID Sub-Group Meeting Slides from Soeren Bittins and Massimiliano Masi:
The eID approach: The different levels
Level (Requirements) | Mode | Pilot | Action by Pat | Attributes | |
---|---|---|---|---|---|
Level 0 | Manual input in the portal. | epSOS | Minimum D3.6.2 | ||
Level 1 (disconnected mode possible) | LARMS | ?? (eSENS eHeath OpenNCP 2.3.0 – floting componento any portal | Pat gives card, does not type; | Surname given name gender unique (health) identifier; Varies with each country* | RISK: not 100% sure individual ID |
Level 3 (connection to internet and to Country A is needed/national PKIs via centraized service) | LAMb+Pat action | Patient confirms (mobile key; Pins of the card) | Allows “signed consent” Authetication is possible | ||
Level 4 (Does not use local functions of the card, uses online “information”; access to PEP) | DCA Distributed CrossB Authentication | Stork II | Patient confirms (mobile key; Pins of the card) in a PC at the PoCare) | (atributes in the “assertion are the key issue”) | Confirms with National PKI everything; Confirmes eIDAS. |
Level 5 | .Advanced Mobile APP solution (AMAPP) | Use their mobile phone for full autentication without card need |
2. Meeting Minutes:
- Overview from eID Sub-Group Meeting (e-SENS) - Aug 2015 - Berlin.
- Waiting for availability from this new components, looking for source of Portal.
- New developments: eID L2 is ready for all PNs.
- We're working on satisfying the legal aspects
- Mail sent with needed info.
- Planning to deliver the components of beggining of next week.
Markus (Unlicensed): Legal aspects?
Soeren Bittins: Real cards not have been particulary used for testing. We need to comply with restrictions of use... L2 is making use of those signatures (card bearers) - but for now we are in a pilot environment.
legal questions:
- real card certificate material
- patient must be in accordance to document (treatment and retrieve of data should not be coherced)
Rui Alves (Unlicensed): So we can only begin to predict the effort needed to integrate these new components next week, right?
Alexandre Santos: Yes.
Rui Alves (Unlicensed): Is there any pending question?
Alexandre Santos: We have Tomé Vardasca in PT as eID expert and it is needed to share this info (from Soeren) to partners to deal with partners.
Soeren Bittins: Those components to be automatically deployed need to be signed (Downside of deployment new components)
As soon as we have CS supporting...
Patient Information Notification (PIN)
jar includes templates for each country
- in the future, integrate with central services for pulling information
Soeren Bittins: We can now start to aprroach STORK 2.0 eHealth Integration (HP authN in their own countries)
Germany is not running STORK 2.0 - Fraunhofer will not have access to a proper testing position
I antecipate 2 weeks for having components ready for it
Request for IT and PT - accept request from GR -
- Rui Alves (Unlicensed) check this with PT Team
- Rui Alves (Unlicensed) check this with PT Team
@Alice: eIDAS about Ger - pilot under e-SENS between Germany and Netherlands going to eIDAS - suggests Soeren to search for this.
Soeren Bittins: Marcello alerted about file structure of CS - we would need to change the structure of CS - without SMP/SML - not possible to have 2 files for same country. Question for Ortwin about Luxembourg - French
Markus (Unlicensed) - testing strategy, continuous integration, what is the plan?
Massimiliano Masi: There will be test assertions converted into tests in gazelle. In e-SENS the test-cases are defined.
Markus (Unlicensed): any documentation? What components need to be modified?
Soeren Bittins: There is a long document in 5.2 with some kind of this information. Justification of Components, business... sequence diagrams.
Markus (Unlicensed): Does it take into consideration eHealth requirements?
Soeren Bittins: 100% following eHealth requirements. We need to ask to make the components more generalized to other domains (within e-SENS), but primary focus is eHealth.
Markus (Unlicensed): Link to Minutes?
Soeren Bittins: would like the OpenNCP to be considered stakeholders in e-SENS, to facilitate information exchange.
Massimiliano Masi: Relation from SMP and eID
LAM need configs that cannot be hardcoded in the jar
Joao Cunha: Will we be able to use eID L2 without SMP/SML?
Massimiliano Masi: It is not mandatory, but helpful.
LAM needs configs that cant be hardcoded
to avoid interaction with the user -> use smp record which contains info about the NI to handle the TRC-STS
- which certs? which url? etc
SMP not mandatory for eid level 2 (useful, since it'll help to discover the info, but not mandatory)
3. AOB
NEXT MEETING - - 13:00 CEST
- Rui Alves (Unlicensed): Follow-Up + Schedule Next Meeting.
- Rui Alves (Unlicensed): Include Natasha Carl and Alice (DIGIT) in the mailing list.
- Rui Alves (Unlicensed) check GR request with PT Team (include Tomé for translations needed - Soeren's e-mail)