SlideShare une entreprise Scribd logo

OpenDNIe Hackfest

Martin Paljak
Martin Paljak
Technologie
1  sur  17
Télécharger pour lire hors ligne
eID the open source perspective Martin Paljak (maintainer of) OpenSC Project www.opensc-project.org
Agenda • Brief history of eID in Estonia • History of OpenSC • Why open source matters • What’s up next for OpenSC ?
eID in Estonia • Preparations from 1997, actions from 1999/2000 to issue PKI smart cards to every citizen • First cards issued in January 2002 • “Probably the best beer eID in the world” • 1.1 Million cards, around 30% electronic users • Problem: no client software procured by government at first
eID software in Estonia • Plan A: proprietary free (as beer) software for Windows, created by the (commercial) CA • A-Team: creates necessary software as open source (OpenSC, OpenSC.tokend, installers etc) • Plan B: (5 years later) government tender to legalize (?) and re-use the open source software (#1 failed, #2 failed, #3 ongoing...)
Happy 10th birthday, OpenSC! • Two Finns, Juha and Antti, wanted to write an open source PKCS#11 driver for FINeID (PKCS#15) cards • 2001/2002 first posts on the opensc-devel mailing list • 0.4.0 released on 2001-12-29, contains a single, read-only driver
OpenSC in 2011 • 0.12.1 released on 17.05.2011 • ~30 card drivers • A reasonable PKCS#11 module • Mac OS X integration (TokenD) • Windows integration coming (MiniDriver) • Binary installers (Windows, Mac OS X) • Synthesized (non-PKCS#15) formats • Card personalization support
2001 to 2011 • Got interested around summer 2003 • Germans project: “Got ~2005, things to do ...” leave the took over in better Founding Finns • Early adopter of understandingOpenSC because “lack Belgium ditches from project” • Basically announced “soon stagnated or dead, if not already” by maintainer • “MUSCLE” practically dead, except for pcsc- lite+CCID • Maintenance “back in Nordic” (Estonia) since April 2010
Why OpenSC “won”? • A. Driver framework to support different cards • Compare: Linux; Evolution prefers heterogenous systems • B. Thrive to integrate with the environment • Apple is as good standard as Microsoft or RSA. % & $ • C. Dedication to core values • Open source, open attitude, community-driven • “If your work is stolen, it has value”
Why open source eID? • PKI - I as Infrastructure • 27 EU silos? Spanish Apache, “Spache”? • Transparency • eID affects almost everyone, trust in system is required for adoption
Neat reasons • eID often implemented as JavaCard applets • +1 for first published on-card applet. • “Fake eID applet” for badly written library copy machines & “free” copying • “What about my Commodore64 or Atari?” • Or Android, embedded ARM, ... ?
Neat anti-reasons • Open source makes attacks easier • Re-using branding, planting malware inside • Closed source allows for more competition from companies / possible technology export
Trends • First iteration often fails (technical or political or licensing issues) • SETEC ASTRONOMY fails • Don’t let government become Sony • Second round will be OSS anyway • Help others avoid the first mistake
International collaboration benefits • Applications (Firefox, OpenSSH, XXXOffice etc) all done elsewhere, by “foreigners”. • OpenSC as the grassroots EU interest body and lobby group of open source software smart card support (Mozilla, Apple etc) • Smart cards and crypto a niche sector, difficult to find motivated and competent fresh blood. • Homogeneous systems are doomed by evolution and limited by kind.
IAS-ECC, STORK, ... • US: PIV/CAC • EU: IAS-ECC • Standards are nice but real life matters too • Cross-border eID-enabledto test” (x27) “Install Elbonian software services: • Grassroots collaboration andbetter services interoperability could create resulting before policymakers. • Reference implementation benefits everyone
What lies ahead • OpenSC is far from an optimal or perfect solution • Old cruft, missing driver authors, lack of documentation, lack of courageous decisions (“structural reforms”), suboptimal design etc • Still it seems to have properties other projects don’t
OpenSC 0.12.2 • To be released on 2011.06.10 • Hopefully most of OpenDNIe code merged • “driver framework” is important • Bugfixes, cleanups, improvements • Automated tests, fast build iterations, infrastructure changes to support gradual project reform
Future of OpenSC • More cards, less drivers • Commodity (infrastructure) vs expensive gadget • New algorithms (Elliptic Curves) • Contactless world • Beyond conventional PKI crypto • COLLABORATION!

Recommandé

OpenSC: eID interoperability through open source software
OpenSC: eID interoperability through open source softwareOpenSC: eID interoperability through open source software
OpenSC: eID interoperability through open source softwareMartin Paljak
 
Introduction to bluetooth low energy - JFokus IoT 2015
Introduction to bluetooth low energy - JFokus IoT 2015Introduction to bluetooth low energy - JFokus IoT 2015
Introduction to bluetooth low energy - JFokus IoT 2015Shahzada Hatim
 
IoT-Stockholm-Intro_to_BLE
IoT-Stockholm-Intro_to_BLEIoT-Stockholm-Intro_to_BLE
IoT-Stockholm-Intro_to_BLEShahzada Hatim
 
Wavedigitech presentation-2013-v1
Wavedigitech presentation-2013-v1Wavedigitech presentation-2013-v1
Wavedigitech presentation-2013-v1Wave Digitech
 
Codebits 2011
Codebits 2011Codebits 2011
Codebits 2011Martin Paljak
 
JavaCard development Quickstart
JavaCard development QuickstartJavaCard development Quickstart
JavaCard development QuickstartMartin Paljak
 
Veebis allkirjastamine ID-kaardiga
Veebis allkirjastamine ID-kaardigaVeebis allkirjastamine ID-kaardiga
Veebis allkirjastamine ID-kaardigaMartin Paljak
 
ID-kaardist 100%
ID-kaardist 100%ID-kaardist 100%
ID-kaardist 100%Martin Paljak
 

Recommandé

OpenSC: eID interoperability through open source software
OpenSC: eID interoperability through open source softwareOpenSC: eID interoperability through open source software
OpenSC: eID interoperability through open source softwareMartin Paljak
 
Introduction to bluetooth low energy - JFokus IoT 2015
Introduction to bluetooth low energy - JFokus IoT 2015Introduction to bluetooth low energy - JFokus IoT 2015
Introduction to bluetooth low energy - JFokus IoT 2015Shahzada Hatim
 
IoT-Stockholm-Intro_to_BLE
IoT-Stockholm-Intro_to_BLEIoT-Stockholm-Intro_to_BLE
IoT-Stockholm-Intro_to_BLEShahzada Hatim
 
Wavedigitech presentation-2013-v1
Wavedigitech presentation-2013-v1Wavedigitech presentation-2013-v1
Wavedigitech presentation-2013-v1Wave Digitech
 
Codebits 2011
Codebits 2011Codebits 2011
Codebits 2011Martin Paljak
 
JavaCard development Quickstart
JavaCard development QuickstartJavaCard development Quickstart
JavaCard development QuickstartMartin Paljak
 
Veebis allkirjastamine ID-kaardiga
Veebis allkirjastamine ID-kaardigaVeebis allkirjastamine ID-kaardiga
Veebis allkirjastamine ID-kaardigaMartin Paljak
 
ID-kaardist 100%
ID-kaardist 100%ID-kaardist 100%
ID-kaardist 100%Martin Paljak
 
Introducing Plan9 from Bell Labs
Introducing Plan9 from Bell LabsIntroducing Plan9 from Bell Labs
Introducing Plan9 from Bell LabsAnant Narayanan
 
Internet of Things 101 - For software engineers
Internet of Things 101 - For software engineersInternet of Things 101 - For software engineers
Internet of Things 101 - For software engineersKashif Ali Siddiqui
 
Open source caqdas what is in the box and what is missing
Open source caqdas what is in the box and what is missingOpen source caqdas what is in the box and what is missing
Open source caqdas what is in the box and what is missingMerlien Institute
 
Overview of the Intel® Internet of Things Developer Kit
Overview of the Intel® Internet of Things Developer KitOverview of the Intel® Internet of Things Developer Kit
Overview of the Intel® Internet of Things Developer KitIntel® Software
 
Open Source and the Internet of Things
Open Source and the Internet of ThingsOpen Source and the Internet of Things
Open Source and the Internet of ThingsBlack Duck by Synopsys
 
IoT, computer intelligence and javascript in the physical world
IoT, computer intelligence and javascript in the physical worldIoT, computer intelligence and javascript in the physical world
IoT, computer intelligence and javascript in the physical worldIvo Andreev
 
IoT: Contrasting Yocto/Buildroot to binary OSes
IoT: Contrasting Yocto/Buildroot to binary OSesIoT: Contrasting Yocto/Buildroot to binary OSes
IoT: Contrasting Yocto/Buildroot to binary OSesMender.io
 
OASIS: open source and open standards: internet of things
OASIS: open source and open standards: internet of thingsOASIS: open source and open standards: internet of things
OASIS: open source and open standards: internet of thingsJamie Clark
 
OASIS: How open source and open standards work together: the Internet of Things
OASIS: How open source and open standards work together: the Internet of ThingsOASIS: How open source and open standards work together: the Internet of Things
OASIS: How open source and open standards work together: the Internet of ThingsJames Bryce Clark
 
Contributing to Open Source
Contributing to Open SourceContributing to Open Source
Contributing to Open SourceAmol A. Sale
 
Peripheral Programming using Arduino and Python on MediaTek LinkIt Smart 7688...
Peripheral Programming using Arduino and Python on MediaTek LinkIt Smart 7688...Peripheral Programming using Arduino and Python on MediaTek LinkIt Smart 7688...
Peripheral Programming using Arduino and Python on MediaTek LinkIt Smart 7688...MediaTek Labs
 
Arduino, Open Source and The Internet of Things Landscape
Arduino, Open Source and The Internet of Things LandscapeArduino, Open Source and The Internet of Things Landscape
Arduino, Open Source and The Internet of Things LandscapeJustin Grammens
 
Osdc 2013 p
Osdc 2013 pOsdc 2013 p
Osdc 2013 pkumar641
 
Никита Корчагин - Introduction to Apple iOS Development.
Никита Корчагин - Introduction to Apple iOS Development.Никита Корчагин - Introduction to Apple iOS Development.
Никита Корчагин - Introduction to Apple iOS Development.DataArt
 
Free & Open Source Software (2017 update)
Free & Open Source Software (2017 update)Free & Open Source Software (2017 update)
Free & Open Source Software (2017 update)Frederik Questier
 
Portland Science Hack Day: Open Source Hardware
Portland Science Hack Day: Open Source HardwarePortland Science Hack Day: Open Source Hardware
Portland Science Hack Day: Open Source HardwareDrew Fustini
 
Citizen Developer Tools - session at SPS New England 10/20/2018
Citizen Developer Tools - session at SPS New England 10/20/2018Citizen Developer Tools - session at SPS New England 10/20/2018
Citizen Developer Tools - session at SPS New England 10/20/2018Antti Koskela
 
Devcon2上海 参加報告
Devcon2上海 参加報告Devcon2上海 参加報告
Devcon2上海 参加報告Hiroyasu NOHATA
 
Tracking the International Space Station with Commodore Computers
Tracking the International Space Station with Commodore ComputersTracking the International Space Station with Commodore Computers
Tracking the International Space Station with Commodore ComputersLeif Bloomquist
 
Building Embedded Linux Systems Introduction
Building Embedded Linux Systems IntroductionBuilding Embedded Linux Systems Introduction
Building Embedded Linux Systems IntroductionSherif Mousa
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDubai Multi Commodity Centre
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 

Contenu connexe

Similaire à OpenDNIe Hackfest

Introducing Plan9 from Bell Labs
Introducing Plan9 from Bell LabsIntroducing Plan9 from Bell Labs
Introducing Plan9 from Bell LabsAnant Narayanan
 
Internet of Things 101 - For software engineers
Internet of Things 101 - For software engineersInternet of Things 101 - For software engineers
Internet of Things 101 - For software engineersKashif Ali Siddiqui
 
Open source caqdas what is in the box and what is missing
Open source caqdas what is in the box and what is missingOpen source caqdas what is in the box and what is missing
Open source caqdas what is in the box and what is missingMerlien Institute
 
Overview of the Intel® Internet of Things Developer Kit
Overview of the Intel® Internet of Things Developer KitOverview of the Intel® Internet of Things Developer Kit
Overview of the Intel® Internet of Things Developer KitIntel® Software
 
Open Source and the Internet of Things
Open Source and the Internet of ThingsOpen Source and the Internet of Things
Open Source and the Internet of ThingsBlack Duck by Synopsys
 
IoT, computer intelligence and javascript in the physical world
IoT, computer intelligence and javascript in the physical worldIoT, computer intelligence and javascript in the physical world
IoT, computer intelligence and javascript in the physical worldIvo Andreev
 
IoT: Contrasting Yocto/Buildroot to binary OSes
IoT: Contrasting Yocto/Buildroot to binary OSesIoT: Contrasting Yocto/Buildroot to binary OSes
IoT: Contrasting Yocto/Buildroot to binary OSesMender.io
 
OASIS: open source and open standards: internet of things
OASIS: open source and open standards: internet of thingsOASIS: open source and open standards: internet of things
OASIS: open source and open standards: internet of thingsJamie Clark
 
OASIS: How open source and open standards work together: the Internet of Things
OASIS: How open source and open standards work together: the Internet of ThingsOASIS: How open source and open standards work together: the Internet of Things
OASIS: How open source and open standards work together: the Internet of ThingsJames Bryce Clark
 
Contributing to Open Source
Contributing to Open SourceContributing to Open Source
Contributing to Open SourceAmol A. Sale
 
Peripheral Programming using Arduino and Python on MediaTek LinkIt Smart 7688...
Peripheral Programming using Arduino and Python on MediaTek LinkIt Smart 7688...Peripheral Programming using Arduino and Python on MediaTek LinkIt Smart 7688...
Peripheral Programming using Arduino and Python on MediaTek LinkIt Smart 7688...MediaTek Labs
 
Arduino, Open Source and The Internet of Things Landscape
Arduino, Open Source and The Internet of Things LandscapeArduino, Open Source and The Internet of Things Landscape
Arduino, Open Source and The Internet of Things LandscapeJustin Grammens
 
Osdc 2013 p
Osdc 2013 pOsdc 2013 p
Osdc 2013 pkumar641
 
Никита Корчагин - Introduction to Apple iOS Development.
Никита Корчагин - Introduction to Apple iOS Development.Никита Корчагин - Introduction to Apple iOS Development.
Никита Корчагин - Introduction to Apple iOS Development.DataArt
 
Free & Open Source Software (2017 update)
Free & Open Source Software (2017 update)Free & Open Source Software (2017 update)
Free & Open Source Software (2017 update)Frederik Questier
 
Portland Science Hack Day: Open Source Hardware
Portland Science Hack Day: Open Source HardwarePortland Science Hack Day: Open Source Hardware
Portland Science Hack Day: Open Source HardwareDrew Fustini
 
Citizen Developer Tools - session at SPS New England 10/20/2018
Citizen Developer Tools - session at SPS New England 10/20/2018Citizen Developer Tools - session at SPS New England 10/20/2018
Citizen Developer Tools - session at SPS New England 10/20/2018Antti Koskela
 
Devcon2上海 参加報告
Devcon2上海 参加報告Devcon2上海 参加報告
Devcon2上海 参加報告Hiroyasu NOHATA
 
Tracking the International Space Station with Commodore Computers
Tracking the International Space Station with Commodore ComputersTracking the International Space Station with Commodore Computers
Tracking the International Space Station with Commodore ComputersLeif Bloomquist
 
Building Embedded Linux Systems Introduction
Building Embedded Linux Systems IntroductionBuilding Embedded Linux Systems Introduction
Building Embedded Linux Systems IntroductionSherif Mousa
 

Similaire à OpenDNIe Hackfest (20)

Introducing Plan9 from Bell Labs
Introducing Plan9 from Bell LabsIntroducing Plan9 from Bell Labs
Introducing Plan9 from Bell Labs
 
Internet of Things 101 - For software engineers
Internet of Things 101 - For software engineersInternet of Things 101 - For software engineers
Internet of Things 101 - For software engineers
 
Open source caqdas what is in the box and what is missing
Open source caqdas what is in the box and what is missingOpen source caqdas what is in the box and what is missing
Open source caqdas what is in the box and what is missing
 
Overview of the Intel® Internet of Things Developer Kit
Overview of the Intel® Internet of Things Developer KitOverview of the Intel® Internet of Things Developer Kit
Overview of the Intel® Internet of Things Developer Kit
 
Open Source and the Internet of Things
Open Source and the Internet of ThingsOpen Source and the Internet of Things
Open Source and the Internet of Things
 
IoT, computer intelligence and javascript in the physical world
IoT, computer intelligence and javascript in the physical worldIoT, computer intelligence and javascript in the physical world
IoT, computer intelligence and javascript in the physical world
 
IoT: Contrasting Yocto/Buildroot to binary OSes
IoT: Contrasting Yocto/Buildroot to binary OSesIoT: Contrasting Yocto/Buildroot to binary OSes
IoT: Contrasting Yocto/Buildroot to binary OSes
 
OASIS: open source and open standards: internet of things
OASIS: open source and open standards: internet of thingsOASIS: open source and open standards: internet of things
OASIS: open source and open standards: internet of things
 
OASIS: How open source and open standards work together: the Internet of Things
OASIS: How open source and open standards work together: the Internet of ThingsOASIS: How open source and open standards work together: the Internet of Things
OASIS: How open source and open standards work together: the Internet of Things
 
Contributing to Open Source
Contributing to Open SourceContributing to Open Source
Contributing to Open Source
 
Peripheral Programming using Arduino and Python on MediaTek LinkIt Smart 7688...
Peripheral Programming using Arduino and Python on MediaTek LinkIt Smart 7688...Peripheral Programming using Arduino and Python on MediaTek LinkIt Smart 7688...
Peripheral Programming using Arduino and Python on MediaTek LinkIt Smart 7688...
 
Arduino, Open Source and The Internet of Things Landscape
Arduino, Open Source and The Internet of Things LandscapeArduino, Open Source and The Internet of Things Landscape
Arduino, Open Source and The Internet of Things Landscape
 
Osdc 2013 p
Osdc 2013 pOsdc 2013 p
Osdc 2013 p
 
Никита Корчагин - Introduction to Apple iOS Development.
Никита Корчагин - Introduction to Apple iOS Development.Никита Корчагин - Introduction to Apple iOS Development.
Никита Корчагин - Introduction to Apple iOS Development.
 
Free & Open Source Software (2017 update)
Free & Open Source Software (2017 update)Free & Open Source Software (2017 update)
Free & Open Source Software (2017 update)
 
Portland Science Hack Day: Open Source Hardware
Portland Science Hack Day: Open Source HardwarePortland Science Hack Day: Open Source Hardware
Portland Science Hack Day: Open Source Hardware
 
Citizen Developer Tools - session at SPS New England 10/20/2018
Citizen Developer Tools - session at SPS New England 10/20/2018Citizen Developer Tools - session at SPS New England 10/20/2018
Citizen Developer Tools - session at SPS New England 10/20/2018
 
Devcon2上海 参加報告
Devcon2上海 参加報告Devcon2上海 参加報告
Devcon2上海 参加報告
 
Tracking the International Space Station with Commodore Computers
Tracking the International Space Station with Commodore ComputersTracking the International Space Station with Commodore Computers
Tracking the International Space Station with Commodore Computers
 
Building Embedded Linux Systems Introduction
Building Embedded Linux Systems IntroductionBuilding Embedded Linux Systems Introduction
Building Embedded Linux Systems Introduction
 

Dernier

Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersRaghuram Pandurangan
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESmohitsingh558521
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina
 

Dernier (20)

DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 

OpenDNIe Hackfest

  • 1. eID the open source perspective Martin Paljak (maintainer of) OpenSC Project www.opensc-project.org
  • 2. Agenda • Brief history of eID in Estonia • History of OpenSC • Why open source matters • What’s up next for OpenSC ?
  • 3. eID in Estonia • Preparations from 1997, actions from 1999/2000 to issue PKI smart cards to every citizen • First cards issued in January 2002 • “Probably the best beer eID in the world” • 1.1 Million cards, around 30% electronic users • Problem: no client software procured by government at first
  • 4. eID software in Estonia • Plan A: proprietary free (as beer) software for Windows, created by the (commercial) CA • A-Team: creates necessary software as open source (OpenSC, OpenSC.tokend, installers etc) • Plan B: (5 years later) government tender to legalize (?) and re-use the open source software (#1 failed, #2 failed, #3 ongoing...)
  • 5. Happy 10th birthday, OpenSC! • Two Finns, Juha and Antti, wanted to write an open source PKCS#11 driver for FINeID (PKCS#15) cards • 2001/2002 first posts on the opensc-devel mailing list • 0.4.0 released on 2001-12-29, contains a single, read-only driver
  • 6. OpenSC in 2011 • 0.12.1 released on 17.05.2011 • ~30 card drivers • A reasonable PKCS#11 module • Mac OS X integration (TokenD) • Windows integration coming (MiniDriver) • Binary installers (Windows, Mac OS X) • Synthesized (non-PKCS#15) formats • Card personalization support
  • 7. 2001 to 2011 • Got interested around summer 2003 • Germans project: “Got ~2005, things to do ...” leave the took over in better Founding Finns • Early adopter of understandingOpenSC because “lack Belgium ditches from project” • Basically announced “soon stagnated or dead, if not already” by maintainer • “MUSCLE” practically dead, except for pcsc- lite+CCID • Maintenance “back in Nordic” (Estonia) since April 2010
  • 8. Why OpenSC “won”? • A. Driver framework to support different cards • Compare: Linux; Evolution prefers heterogenous systems • B. Thrive to integrate with the environment • Apple is as good standard as Microsoft or RSA. % & $ • C. Dedication to core values • Open source, open attitude, community-driven • “If your work is stolen, it has value”
  • 9. Why open source eID? • PKI - I as Infrastructure • 27 EU silos? Spanish Apache, “Spache”? • Transparency • eID affects almost everyone, trust in system is required for adoption
  • 10. Neat reasons • eID often implemented as JavaCard applets • +1 for first published on-card applet. • “Fake eID applet” for badly written library copy machines & “free” copying • “What about my Commodore64 or Atari?” • Or Android, embedded ARM, ... ?
  • 11. Neat anti-reasons • Open source makes attacks easier • Re-using branding, planting malware inside • Closed source allows for more competition from companies / possible technology export
  • 12. Trends • First iteration often fails (technical or political or licensing issues) • SETEC ASTRONOMY fails • Don’t let government become Sony • Second round will be OSS anyway • Help others avoid the first mistake
  • 13. International collaboration benefits • Applications (Firefox, OpenSSH, XXXOffice etc) all done elsewhere, by “foreigners”. • OpenSC as the grassroots EU interest body and lobby group of open source software smart card support (Mozilla, Apple etc) • Smart cards and crypto a niche sector, difficult to find motivated and competent fresh blood. • Homogeneous systems are doomed by evolution and limited by kind.
  • 14. IAS-ECC, STORK, ... • US: PIV/CAC • EU: IAS-ECC • Standards are nice but real life matters too • Cross-border eID-enabledto test” (x27) “Install Elbonian software services: • Grassroots collaboration andbetter services interoperability could create resulting before policymakers. • Reference implementation benefits everyone
  • 15. What lies ahead • OpenSC is far from an optimal or perfect solution • Old cruft, missing driver authors, lack of documentation, lack of courageous decisions (“structural reforms”), suboptimal design etc • Still it seems to have properties other projects don’t
  • 16. OpenSC 0.12.2 • To be released on 2011.06.10 • Hopefully most of OpenDNIe code merged • “driver framework” is important • Bugfixes, cleanups, improvements • Automated tests, fast build iterations, infrastructure changes to support gradual project reform
  • 17. Future of OpenSC • More cards, less drivers • Commodity (infrastructure) vs expensive gadget • New algorithms (Elliptic Curves) • Contactless world • Beyond conventional PKI crypto • COLLABORATION!