Hello,
With the rollout of eIDAS 2.0 and the broader adoption of EU Digital Identity Wallets, there may be an opportunity to leverage government-backed digital identity systems.
I am particularly interested in whether eIDAS electronic signatures, whether generated through eIDAS-compliant national ID smartcards or additionally, if viable, through national Digital Identity providers, could be used for DIM2.
Would integrating eIDAS RSA-SHA256 signatures into DIM2 be feasible?
The biggest question is how will you protect them from being compromised?
@prodigalwon By who? By the government?
If we can accept key keeping authorities (contradicts R3 in Gav’s requirements) the question remains if the final standards will provide contextual pseudonymity (req. R5: “privacy”: sticky pseudonym per service for uniqueness but unlinkability of presentations to different services for privacy). AFAIU, it is too early to know.
What the Demo app provides is certainly not viable for anonymous PoP as the goal of these signatures is to be able to verify the signer’s identity.
Yes. Corrupt governments should not be able to compromise our system.
