1. 4

As you probably know, eIDAS is on the way.

European citizens will get universal electronic IDs in the form of a SAML federation. Electronic signatures are getting standardized as XAdES, CAdES and PAdES to replace arbitrary state standards.

A bunch of awesome people from Estonia have already created a free browser plugin for document signing and a shim called hwcrypto.js for websites to use. Heck, they might even get the mobile support going one day.

So, are any of you also working on anything related?


  2. 2

    I use the plugin in Firefox (to access eesti.ee services, etc.), and gosh, is it slow. I want to be bothered to look at the code sometime; depending on the page you access, it hangs the browser tab for a minute or longer, all the meanwhile accessing the smartcard; maybe it’s just the destination page making lots of individual requests which each need to be authenticated.

    1. 1

      Perhaps the plugin is not asynchronous.

      By the way, does eID work? Can you authenticate using your official ID card (smart card) only, or do you have other ways? How far is the adoption?

      1. 2

        It does indeed seem synchronous. I don’t quite know how the isolation works; the page itself becomes non-interactable, but I can switch tabs fine.

        eID sort of works (revised from “eID works”)! I don’t know about European universality — I’ve only tried with Estonian services — but presumably if they’re based on the same standard then it’ll be workable for most things.

        Estonia has a variety of mechanisms to authenticate beyond the smartcard (mobiil-ID for instance), but the cross-country support would be limited to national identity cards; e.g. there’s a Stork Pilot for cross-border authentication. eesti.ee accepts any Estonian auth (smartcard, mobile-ID, bank auth), but the smartcard mechanism is eID-compatible (I guess you could say?), and so any a card holder of any participating country should be able to use it.

        I’ve just tried this on the listed service for Germany, and I got a gateway timeout; Iceland’s redirected me to an nxp: scheme URL which the plugin didn’t seem to care for; Austria’s I couldn’t find any way to request a login; Belgium’s redirected to a “storkHandler” URL (seemed promising!) but then 404’d; Portugal’s led me to an SSO page, I selected “Citizen Card”, I was asked to consent to something, a Java applet ran, and finally “there was an error with your smartcard”. Wow. I then tried to start an application online for some Italian university and got “201002 - Invalid SAML Request token.”

        I guess it’s a work in progress.

        1. 1


    2. 1

      in the form of a SAML federation


      1. 1

        This makes me feel alone.

      2. 1

        Me and my friends in the Czechia are currently looking into the possibility of converting a municipality to use a free document management system, a free issue tracking system and hopefully more. If they agree, we are probably going to contribute a free integration work to make sure that anyone could pick these up and get rid of paper real quick.