[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [id-cloud-comment] Identity in the Cloud Gaps and EU standards
From: Herbert Leitold <Herbert.Leitold@a-sit.at>
To: id-cloud-comment@lists.oasis-open.org
Sent: Wednesday, May 29, 2013 10:30 PM
Subject: [id-cloud-comment] Identity in the Cloud Gaps and EU standards
Dear all,
I read the Identity in the Cloud Gap Analysis with interest.
What to me is missing in the list of standards are relevant EU/EEA standards
that are gaining importance with existing and upcoming regulation. This as
in particular public authorities might file those as a requirement.
These are:
[1] XAdES for signature part (tier 2 standard) ETSI TS 101 903 [2] STORK
specifications (tier 3) D5.8.3b Interface Specification, 2010 [3] STORK 2.0
(tier 4) on representation/delegation
On [1] XAdES is profiling XMLDSIG that has been mentioned. It is inter alia
relevant under the EU Services Directive. In particular in the "Format
Decision" 2011/130/EU which e.g. also gets used in the revision of the
eProcurement Directive and might get a role related to the upcoming eID and
Trust Services Regulation.
So if a EU/EEA public authority deploys related services to the Cloud, it is
a requirement.
This is relevant for Use Case 13; to some extent to Use Case 9.
Similarly on [2], STORK is using and extending SAML 2.0. It is used by the
18 piloting Member States and will as well have a role related to the
upcoming eID and Trust Services Regulation.
I.e. it is will also be a requirement on the EU/EEA federation related to it
.
It is relevant to Use Cases 12, 16, and 21. To some extent to UC 6.
Finally, as UC 26 addresses "on behalf" authentication: That is exactly what
STORK 2.0 [3] is working on as federating mandates and representation
between the participating states. Though it is work in progress.
Kind regards,
Herbert
Herbert Leitold
A-SIT, Secure Information Technology Center - Austria
Inffeldgasse 16a, A-8010 Graz, Austria
Tel.: +43 316 873-5521
Fax: +43 316 873-105521
Herbert.Leitold@a-sit.at
--
This publicly archived list offers a means to provide input to the
OASIS Identity in the Cloud TC.
In order to verify user consent to the Feedback License terms and
to minimize spam in the list archive, subscription is required
before posting.
Subscribe: id-cloud-comment-subscribe@lists.oasis-open.org
Unsubscribe: id-cloud-comment-unsubscribe@lists.oasis-open.org
List help: id-cloud-comment-help@lists.oasis-open.org
List archive: http://lists.oasis-open.org/archives/id-cloud-comment/
Feedback License: http://www.oasis-open.org/who/ipr/feedback_license.pdf
List Guidelines: http://www.oasis-open.org/maillists/guidelines.php
Committee: http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=id-cloud
Join OASIS: http://www.oasis-open.org/join/
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]