20151105 - Meeting minutes, Thursday, November 5th, 2015 - OpenNCP integration with eID

OpenNCP integration with eID

 

 

Estimated - 13:00 to 14:00 CET

Performed - 13:00 to 14:00 CET

AGENDA

a) Status of eID

b) Next Steps

 

 

LOCATION

- Wiki+ WorkBench + AdobeConnect

PARTICIPANTS

Today's Meeting Participants:

Rui Alves (Unlicensed)

Alexandre Santos

Joao Cunha

Markus (Unlicensed)

Natasha Carl

S

@Alice Vasilescu (DG-DIGIT - eID)

Massimiliano Masi

Ortwin Donak

Stéphane Spahni

Marcello Melgara

@Robert Scharinger

 

Invited Members List:

michele.foucart

Ioannis Petrakis

 

Licinio Kustra Mano

Soeren Bittins

@François

Daniele Crespi

@Tomé Vardasca 

Kostas Karkaletsis

 

MEETING NOTES

0. Overview

      • Work Scope

        • Understand the scope of the integration of eID (from e-SENS) into OpenNCP.
      • Time Scope: 
        • OpenNCP Release with LARMS integrated (Level 1) until End of July - Integrated.

        • OpenNCP Release with LAM integrated (Level 2) - ??


1. Relevant Documentation (What's gathered so far)

The eID approach: The different levels

 

Level (Requirements)ModePilotAction by PatAttributes 
Level 0Manual input in the portal.epSOSMinimum D3.6.2  

Level 1

(disconnected mode possible)

LARMS

?? (eSENS eHeath OpenNCP 2.3.0 – floting  componento any portal

Pat gives card, does not type; 

Surname given name gender unique (health) identifier; Varies with each country*

RISK: not 100% sure individual ID

Level 3

(connection to internet and to Country A is needed/national PKIs via centraized service)

LAMb+Pat action

 

Patient confirms (mobile key; Pins of the card)

 

Allows “signed consent”

Authetication is possible

Level 4

(Does not use local functions of the card, uses online “information”; access to PEP)

DCA  Distributed CrossB Authentication

Stork II

Patient confirms (mobile key; Pins of the card) in a PC at the PoCare)

(atributes in the “assertion are the key issue”)

Confirms with National PKI everything;

Confirmes eIDAS.

Level 5

.Advanced Mobile APP solution  (AMAPP)

 

Use their mobile phone for full autentication without card need

  



2. Meeting Minutes:

Alexandre Santos (briefing):

  • TESTING:
    • We are testing 2 NCP-As (PT and IT)
    • Discussion between Me, Soeren and Marcello - how can we use the info on IT Smart Card
    • Particularity (token) with their SmartCard
    • With LARMS it's not possible to retriev those five last numbers (PIN)
    • We are making those changes needed
    • Soon we will have these issues solved so that PT and IT can use the eID Component.
    • Markus (Unlicensed): For EXPANDathon: only trc assertions? What other tests will we do?
    • Marcello Melgara: We are implementing 2 solutions...
      • We need International Setting Files, where every country specifies how countries work with or without the cards...
    • Massimiliano Masi: About testing
      • Next steps: I'm finalizing spec document - CP for EXPAND
      • In the scope of this document will be transfered into test assertions...
    • Markus (Unlicensed): TRC assertions... Unnoficially we maybe can test something else without IHE profiles.
      • Massimiliano Masi: Yes. We will have further meetings to discuss how can we make successfully tests.
    • Markus (Unlicensed): Can we write down these tests possibilities ?
    • Alexandre Santos: Important to focus on what Marcello Melgara said:
      • Information about the International Search Masks...

 

 

  • UPDATE TO COMPONENTS:
          • Been Talking with Soeren
    • Have a new version available next week (Monday?)
    • Final feature intended for this Level eID Integration will be available then
    • For now, it's signing the information, Patient Information...
    • The next component will have a feature: signing TRC Assertion - most important feature.
    • Rui Alves (Unlicensed): Timings... Next release two weeks before the EXPANDathon
      • Alexandre Santos: If we receive the components next week with the help from Fraunhofer (Soeren Bittins), I believe we can have the next release with these components integrated...
  • UPDATE ON LAST MEETING (EXPAND SPEC MAIN SHOP)
  • Massimiliano Masi proposed testing for the eID BB

 

3. AOB

Alexandre Santos: Next meeting end of next week - update all the group, testing preparation, status-point... I hope we are in a position to be prepared

Rui Alves (Unlicensed): Schedule the next meetings

 

Markus (Unlicensed): After EXPANDATHON - eID Levels (STORK and eIDAS) - relevance for the eHealth Pilot?

Stéphane Spahni: different things - STORK eID enabling PAC...

Alexandre Santos: We are focusing on EXPANDATHON for smart card for signing assertions...

The component is being built for the eIDAS scenario... We will not test in the following weeks, but it is being developed so that the next levels 

For now, this component is relying in the info of the smart card... Locally.

Next levels is when eID connects to STORK and get info and attributs for the patient through the STORK Portal...

Stéphane Spahni: Different from what we have now with STORK Portal in OpenNCP...

Massimiliano Masi: Next week we will have a meeting in Berlin - we'll have this discussion there...

 

AT will try to be at EXPANDathon...

Markus (Unlicensed): e-SENS WP 5.2 - WP5 Leader organized in Berlin (Fraunhofer host) - eID and SMP host.

@Alice: T-CON available?

Massimiliano Masi will confirm.

Marcello Melgara: Date of next release... Pre-CAT TESTING has to be done. 15 days before... We will be in the condition which formally, we will do regression PPT testing with 2.3.0 RC-0 version.

Marcello Melgara: eID Meeting in Berlin - 2 full days (19-20 Nov) - impacts on the release minimal - but it should be important to the future.

 


NEXT MEETING 

          • Marcello Melgara: I don't believe we will have this available in time - we should alert Karima that we are going to test this one week before the CAT