Re: Use case: Authenticate using eID


On Apr 24, 2013, at 12:44 PM, Nick Van den Bleeken wrote:

> Get access to government applications that require authentication based on your real identity using your eID card (e.g.: to fill in taxes, retrieve birth certificate, ...). Including the option to sign out.
> Requirements:
> * Identify an appropriate key (issued by the government) -> query facility
> * Export the certificate, including its certificate chain (the website has to validate that the public key was issued by the government)
> * Use the private key to perform basic cryptographic operations

Looks like Ryan's already asked the questions I had.  IF the answer is that arbitrary origins that cannot enter into a "code agreement" (caller/callee) drive this use case, then I'm not sure we're working on technology that can cater to this use case.  I do think that a subset of this use case can be achieved with a cross-origin model, which is why I think it may be one of our more compelling use cases (and I'm optimistic we'll have a "flagship" cross-origin use case that illustrates what can be done outside origin-restricted use of this API).

In general, I'll create a "documented for posterity" section in the use cases document, provided we make it clear that we're not pursuing a solution to those use cases within our API.

-- A*

Received on Tuesday, 7 May 2013 19:08:44 UTC