OpenSC & OpenIDopenid.ee - open source eID stack for the interweb

Martin Paljak, IdeelaborOpenSC Project - www.opensc-project.orgOpenID Foundation Europe - www.openideurope.eu

OpenSC• “Everything smart card”

• Several projects/APIs to expose things on card to application: Windows CSP, PKCS#11, OpenSSL, Mac OS X CDSA etc

• Support for several eID cards: FI, EE, IT, ES, BE, PT* ...

• de-facto cross-platform smart card solution

• Already used by projects on OSOR for cryptography in different situations

OSOR.eu & OpenSC

• YES: Awareness & visibility lobbying

• No forks, public specs and docs

• NO: OpenSC on OSOR.eu

• No reason, eID/EU only one aspect of OpenSC

OpenID• Ubiquitous identity framework for TheWeb

• Provided by Google, Microsoft, Yahoo, AOL ... Estonia

• Open specification / open platform for innovation

• Implemented and readily available in popular open source packagesfor example MediaWiki, Wordpress, Drupal, Joomla

• OSS libraries available for all relevant languages and platformslike PHP, Java, Python, Ruby, C++

Think global!

OSOR.eu & OpenID

• No software

• OSOR projects looking into OpenID

• Facilitate communication

• Avoid fragmentation of goals, not in source code repositories

openid.ee• First to combine (national eID) smart

cards with OpenID

• December 2006, also evaluated CAS

• Familiar “extra” features:

• Global namespace (URLs)

• Privacy preserving identifiers

• “Digitally sign NDA before entry”

openid.ee continued

• Reasons:

• Low technical requirements for integration

• Global footprint for ID-cards & Mobile-ID

• Advanced workflows beyond authentication and basic attributes

Thank you!

• www.opensc-project.org

• www.openideurope.eu

• openid.ee/about/english

• www.ideelabor.ee

• martin@paljak.pri.ee