OpenID for all Estonians
22. May 2007 – 20:56 byWhen thinking about OpenID and its use cases I usually have registering accounts with web services and commenting on blogs in mind; I am probably not the only one thinking in that direction although there are countless other possibilities, Sun’s OpenID server being one of them (Sun OpenID=Sun employee).
Estonian eID
Today I have come across an example which goes way beyond Sun’s example (see Ma.gnolia bookmark). Estonia started issuing electronic Identity Cards (eID) in 2002 to its citizens. Those eID’s will be OpenID’s soon! Beta tests are running at the moment.
Although Estonia is a small country with just 1.37 million inhabitants more than one million Estonians and foreigners residing in the country will have an OpenID. Open.id.ee=Estonian eID. Those OpenID’s are very secure because smart cards are required which make phishing and identity theft impossible.
Besides being identity cards and OpenID’s those eID’s have a lot more functions. They contain two certificates for authentication and signing and a permanent email address which is forwarding emails to people’s real email provider; it is also used as a health card so there is no need for an extra card.
Other applications can be developed by using core components of the eID software. Estonians can use their eID for tax declaration, public transport, WiFi access, and even internet voting. Quite impressive actually.
Privacy
While the eID seems to be a very comfortable authentication tool privacy issues occur, of course. It could be the wet dream of some politicians. However the Estonian Data Protection Act allows just 12 people access to personal data; police and tax officials have only access after a court order. More information on security and privacy can be obtained here.
Information on eID:
eID in action: Estonia
National profile for eGovernment IDM initiatives in Estonia
ID.ee
13 Responses to “OpenID for all Estonians”
About privacy: First, the open.id.ee service, once announced, shall be open source. Second - current ‘public naming’ scheme with full names in the OpenID shall have a sibling namespace where the OpenID forwarded to the service shall be anonymous (no personal information, different for every site) yet there is a guarantee, that every eID holder has only one uniq identifier for the given site. To use it easily, websites shall have to use OpenID 2.0 and identifier_select feature what means ‘OpenID provider shall figure out the OpenID to send to the service’. This is exactly what OpenID is for - if you use eID cards in the most secure way - by using them to open the SSL connection to the web server (what is OK for banks and e-voting etc) - you expose all your personal information to the remote party. Very often you don’t want to do that.
Anyway, I have an English writing in the works that describes a bit more the reasons, technical challenges and possibilities and future of OpenID questions ‘Who? (you are)’ and ‘How? (do you assert that)’ in the context of open.id.ee. This comes together with the ‘public 1.0 beta’ (currently there is ‘public 0.1 beta’ online, for months already)
Also - please note that the very next step is cross-EU support what has been already tested in real life but is not a priority for Estonian OpenID-s.
Martin - creator of open.id.ee
By Martin Paljak on May 23, 2007
Thanks a lot for sharing some more details on how OpenID will work with eID. I think eID is an intriguing project; combining it with OpenID makes sense in many ways. I’ll certainly watch this project.
By Carsten Pötter on May 23, 2007
I know nothing about this, so I’m not saying you’re wrong, but:
> “smart cards are required which make phishing and identity theft impossible”
Surely “impossible” is overstating it?
By pauldwaite on May 24, 2007
Well, Simon Willison is asking a similar question. So am I really completely wrong? As far as I know scammers need a smart card as well to log in even if they know my password.
Anyone more knowledegable about smart cards than me?
By Carsten Pötter on May 24, 2007
I think that the smart cards are a form of 2FA. So only 1 part of the 2 factors is ever exposed. Even if a MITM was to intercept a request the value is only valid for that point in time so useless when trying to replay a request or use it another time. That’s probably a simplification of how it works…
By Anon on May 24, 2007
I’ve written my own response here with examples of how this system could break at
http://blogs.oracle.com/mwilcox/2007/05/24#a149
By Mark Wilcox on May 24, 2007
I guess I have to erase the word impossible from my vocabulary now.
By Carsten Pötter on May 24, 2007
> I guess I have to erase the word “impossible� from my vocabulary now.
When describing how easy it is to break into any computer system, then yeah, I think so
By pauldwaite on May 25, 2007
I finally found some time and willingness to write a blog post in English. It covers the same subject and might be of interest. http://martin.paljak.pri.ee/2007/05/25/openid-smart-cards-and-security-risks/
By Martin Paljak on May 25, 2007
> “While the eID seems to be a very comfortable authentication tool privacy issues occur, of course.”
This is what I’m most concerned about. I posted about it here:
http://passpack.wordpress.com/2007/05/25/openid-a-great-thing-going-amok/
Cheers,
Tara
By Tara (PassPack) on May 25, 2007