- From: Toeroek, Laszlo (EXT) <laszlo.toeroek.ext@siemens.com>
- Date: Tue, 8 Feb 2011 11:39:52 +0100
- To: Henry Story <henry.story@bblfish.net>, WebID XG <public-xg-webid@w3.org>
- CC: Martin Gaedke <martin.gaedke@informatik.tu-chemnitz.de>
Hi, Personally, I am less concerned about the technical aspects. "Künftig können Sie mit dem neuen Personalausweis viele Dienste im Internet und an Automaten bequem, einfach und sicher nutzen, die bisher mit einem aufwendigen Registrierungsprozess verbunden sind. Die Anbieter dieser Dienste können Unternehmen oder Behörden sein. Nur Anbieter, die eine Berechtigung von der Vergabestelle für Berechtigungszertifikate (VfB) im Bundesverwaltungsamt bekommen, dürfen Dienste mit dem neuen Personalausweis anbieten." The bottom line is: only companies and government agencies will be legally offer services that leverage the new eID authentication. Corporate entities will have to get a government permit. Two possible (favourable) scenarios: - national governments adopt WebID (quite unlikely given current maturity and political support) for their eAuth purposes - the eID cards become a media to store WebIDs along with the gov issued identity (quite a few legal issues) As Mr. Williams said, it comes down to W3C's lobby and liaising capabilities whether the emerging standard will get traction in government agencies. TimBL was very successful in promoting Linked Data in the British and US gov, so I do have hopes. Laszlo -----Original Message----- From: public-xg-webid-request@w3.org [mailto:public-xg-webid-request@w3.org] On Behalf Of Henry Story Sent: Dienstag, 8. Februar 2011 11:11 To: WebID XG Cc: Martin Gaedke Subject: German eID In Monday's teleconf Martin Gaedke pointed out gaedke: regarding electronic IDs, there is something going on in Germany .... also in other countries ongoing <webr3> like the US too <gaedke> http://www.epass.de/ <gaedke> http://www.personalausweisportal.de/ I found the technical details here http://www.personalausweisportal.de/cln_102/SharedDocs/Downloads/DE/Technik_Flyer.html?nn=830460 As I understand these card work with a public key infrastracture. The CA is certificate is a Card Verifiable Certificates ISO 7816, and the certificates for the qualified electronic signature are X509 certs. It will require client software that supports the eCard-API, and an eID server. These are defined here www.bsi.bund.de. 1. BSI TR-03110 EAC und PACE 2. BSI TR-03112 eCard-API 3. BSI TR-03127 Architektur 4. BSI TR-03130 eID-Server Perhaps the picture here helps https://www.bsi.bund.de/ContentBSI/Publikationen/TechnischeRichtlinien/tr03112/index_htm.html Not sure how international these standards are, or how open. It would be intresting to see if browsers can interact with these cards, if they contain an X509 certificate, and if these could contain a WebID. Henry Social Web Architect http://bblfish.net/
Received on Tuesday, 8 February 2011 12:54:48 UTC