20150930 - Meeting minutes, Wednesday, September 30th, 2015 - OpenNCP integration with eID

OpenNCP integration with eID

 

 

Estimated - 13:00 to 14:00 CEST

Performed - 13:00 to 13:45 CEST

AGENDA

a) Status of eID

b) Next Steps

 

 

LOCATION

- Wiki+ WorkBench + AdobeConnect

PARTICIPANTS

Today's Meeting Participants:

Alexandre Santos

Joao Cunha

Rui Alves (Unlicensed)

S

michele.foucart

Stéphane Spahni

Massimiliano Masi

Ioannis Petrakis

@Alice Vasilescu (DG-DIGIT - eID)

Ortwin Donak

Soeren Bittins

[holidaysMarkus (Unlicensed)

 

Invited Members List:

Natasha Carl

Daniele Crespi

@Robert Scharinger

@Tomé Vardasca 

Licinio Kustra Mano

Kostas Karkaletsis

 

MEETING NOTES

 

0. Overview

      • Work Scope

        • Understand the scope of the integration of eID (from e-SENS) into OpenNCP.
      • Time Scope: 
        • OpenNCP Release with LARMS integrated (Level 1) until End of July - Integrated.

        • OpenNCP Release with LAM integrated (Level 2) - ??


1. Relevant Documentation (What's gathered so far)

The eID approach: The different levels

 

Level (Requirements)ModePilotAction by PatAttributes 
Level 0Manual input in the portal.epSOSMinimum D3.6.2  

Level 1

(disconnected mode possible)

LARMS

?? (eSENS eHeath OpenNCP 2.3.0 – floting  componento any portal

Pat gives card, does not type; 

Surname given name gender unique (health) identifier; Varies with each country*

RISK: not 100% sure individual ID

Level 3

(connection to internet and to Country A is needed/national PKIs via centraized service)

LAMb+Pat action

 

Patient confirms (mobile key; Pins of the card)

 

Allows “signed consent”

Authetication is possible

Level 4

(Does not use local functions of the card, uses online “information”; access to PEP)

DCA  Distributed CrossB Authentication

Stork II

Patient confirms (mobile key; Pins of the card) in a PC at the PoCare)

(atributes in the “assertion are the key issue”)

Confirms with National PKI everything;

Confirmes eIDAS.

Level 5

.Advanced Mobile APP solution  (AMAPP)

 

Use their mobile phone for full autentication without card need

  



2. Meeting Minutes:

Soeren Bittins: Unforeseen delay with components. Not related to the L2 components itself.

DSig Module used in STORK 2. Breaking the auto-deployment process.

Use in the meantime the Fraunhofer DSig. Not sure about CH or Turkey but should work on all countries.

We are sorry for the delay, Hopefully this week we will have new developments (tomorrow maybe).

Massimiliano Masi

Soeren Bittins: We will provide local configuration just for deployment.

TRC issuer - is now a L3 problem and not L2 - distributed cross-border authentication.

Alexandre Santos

Soeren Bittins: Time for testing.

Alexandre Santos: change TRC-STS to "talk" to LAM.

Soeren Bittins: There might be a change in NCP-A. L3 there will be changes in both NCP-A and B.

Alexandre Santos

Soeren Bittins

 

TO DO's:

      • Meeting in Brussels - eID DSI - 15th Oct 2015. STORK 2.0 to be included in e-SENS. Important decisions are to be made. OpenNCP Team should follow this, and also they are also a Stakeholder, so perhaps some questions / ideas are needed.
      • Being organized by EC eID DSI (@Alice is one of the members organizing).
      •  
        • Rui Alves (Unlicensed): Internally check if wether the OpenNCP has a position about this and are willing to participate or simply the PN's presence.
        • OpenNCP Team will receive new components in the next week and analyze the possible integration to discuss in the next meeting.
        • Rui Alves (Unlicensed): Include Natasha Carl and Alice (DIGIT) in the mailing list.
        • Rui Alves (Unlicensed) check GR request with PT Team (include Tomé for translations needed - Soeren's e-mail)

 

3. AOB



NEXT MEETING