eID Projects

Fedict started the development of a wide range of open source projects around the eID. The primary focus of these projects and products is to ease the integration of the eID within web applications, combined with a rich enduser experience.

eID Trust Service

eID Digital Signature Service

The eID DSS offers the creation and verification of ODF (OpenOffice) signatures, OOXML (Office 2010) signatures, and XML signatures according to the XAdES XL standard. This signature format is recommended by The eID Applet is a browser component to enable the the expert group of the EU eSignature Service use of the Belgian eID card within web applications in Directive. the most user friendly way possible today. The eID Applet runs on Windows, Mac OS X, and Linux platforms The eID DSS relies on the eID Applet for creation of digital signatures. For certificate validation the eID DSS and supports a wide range of web browsers including Firefox, IE, and Safari. Since the eID Applet can run both uses the eID Trust Service. with or without eID Middleware installed, it puts minimal requirements on the client browser The eID DSS signature verification web service is environment. implemented according to the OASIS DSS standard,

The eID Trust Service is a highly scalable W3C XKMS2 based certificate validation service specifically targeting the Belgian eID PKI infrastructure outofthebox while remaining configurable to also serve other PKI topologies. The architecture features a CRL based revocation cache. It provides authentication certificate chain validation as well as historical nonrepudiation certificate chain validation.

eID Applet

extended with Verification Report profile support.

As both the signature creation and signature validation are outsourced to the eID DSS, the Relying Party does not need to have notion of the actual signature format. This way the Relying Party can fully focus on the business work flows and define the XML schema according to its business needs.

eID Middleware

The eID Middleware software provides different cryptographic modules like PKCS#11, CSP for Windows,

eID Identity Provider

The eID Identity Provider product is a simple IdP using the eID as authentication token. The eID IdP uses the eID Applet for eID based entity authentication and the eID Trust Service for authentication certificate validation. The eID IdP supports different authentication protocols to ease integration within 3rd party applications: SAML2 Browser POST profile, OpenID 2 with Attribute Exchange and PAPE, and WS Federation with SAML2 Metadata. The eID IdP comes with the eID IdP SDK to simplify integration of the eID IdP functionality in web applications.

and tokend for Mac OS X. These cryptographic modules can be used from within desktop software, or from within a web browser to setup eID authentication based on mutual SSL. The eID Middleware also comes with a tool to view and print the content of your eID card, and to manage your PIN.

References

http://eid.belgium.be http://code.google.com/p/eidapplet/ http://code.google.com/p/eidtrustservice/ http://code.google.com/p/eididp/ http://code.google.com/p/eiddss/ http://code.google.com/p/eidmw/ http://groups.google.com/group/eidapplet The Fedict eID Team Publisher: Jan Deprest