Versions Compared

Old Version 18

changes.mady.by.user Stefan Liström

Saved on

compared with

New Version 19

changes.mady.by.user Stefan Liström

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...



ObjectivesCurrent ActivitiesTimelinesPapers and Feedback processMore
1eIDAS (consolidated version)

Adoptedhttps://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A02014R0910-20240520
2eIDAS Trust framework


 eIDAS Testbed: https://test.eid.as/ 
3

GDPR




European Data Protection Board: 

https://www.edpb.europa.eu/our-work-tools/our-documents/topic/gdpr_en


Implementing Acts



ObjectivesCurrent ActivitiesTimelinesPapers and Feedback processMore
1Article 5a: Protocols and InterfacesHow digital identity wallets should communicate with other systems through protocols and interfaces.Adopted
 
2Article 5a: Integrity and Core FunctionalitiesHelps to understand what features EUDIW should offer.Adopted
 
3Article 5a: PID & EAAUnderstand how data and attributes are managed and verified in the ecosystem.Adopted
 
4Article 5c: Certification Adopted
 
5Ecosystem NotificationsNotifications to the CommissionAdopted
 
6Security BreachesDefines how security breaches must be handled, and when and how breached wallets should be suspended.Feedback period ended on 02 January 2025
  
7Electronic Attestations of AttributesProvides the specifications needed to issue Qualifed Electronic Attestations of Attributes (QEAA) and Electronic Attestations of Attributes (EAA), including how to achieve interoperability and details on revocation mechanisms.Feedback period ended on 02 January 2025


8Wallet listsSets out rules for Member States to submit information on certified wallet solutions for the machine-readable list of certified wallets to be published and maintained by the European Union.Feedback period ended on 02 January 2025


9Identity matching – Cross-border identity matching of natural persons by public sector bodies (RP)Sets out necessary provisions for Member States to ensure correct identity matching in cross-border authentications.Feedback period ended on 02 January 2025


10Relying parties – The registration of relying parties and the common mechanism for allowing the identification and authentication of relying partiesSets out rules for the registration of wallet relying parties via national registers.Feedback period ended on 02 January 2025


Work by the commission and the member states



ObjectivesCurrent activitiesTimelinesPapers and Feedback processMore
1ARFConsensus work on how the different actors and components in the EUDIW ecosystem should work



2Reference implementationReference blueprint how to implement a wallet based on eIDAS and the ARF



Pilot Projects & Real-World Use Cases

...

23


DefinitionCurrent StateTimelinesPapers and Feedback processMore
1

STS

This project collects all the information need to monitor and support the standadization activities for the EUDI Wallet

 
2

Contributions from Identity Foundations (e.g., OpenID Foundation, DIF, Trust Over IP)

  • JSON Web Tokens (JWT), JSON-LD, CBOR, and SD-JWT (IETF): Used for secure, verifiable, and compact digital identity assertions.
  • Decentralized Identity Foundation (DIF) Standards (DIF): Works on interoperability solutions such as DIDComm and secure messaging.
  • ARF (EU commission)
  • OIDC
    • OIDC4VC (OpenID Connect for Verifiable Credentials) is an extension of OpenID Connect (OIDC) designed to support the issuance, presentation, and verification of Verifiable Credentials (VCs) within decentralized identity ecosystems. It bridges traditional authentication systems (like OAuth 2.0 and OpenID Connect) with Self-Sovereign Identity (SSI) principles by leveraging existing identity protocols to issue, present, and verify Verifiable Credentials (VCs) in a decentralized and user-centric manner.
    • OIDC4CI(OpenID Connect for Credential Issuance) is an extension of OpenID Connect (OIDC) that enables the issuance of Verifiable Credentials (VCs) in a decentralized and interoperable way. It is designed to allow identity providers to issue credentials directly to users' digital wallets, bridging the gap between traditional authentication systems and Self-Sovereign Identity (SSI) principles.OIDC4CI follows a process similar to traditional OIDC authentication flows, but instead of issuing an ID token, it issues Verifiable Credentials (VCs).
    • Self-Issued OpenID Provider (SIOP v2) (OIDF): Extends OIDC for user-controlled identities without relying on a central identity provider.
    • EU/EEA Trusted List Browser


  
3

Standardization (W3C, ETSI, ISO)

  • ISO/IEC 18013-5:2021 establishes interface specifications for the implementation of a driving licence in association with a mobile device. It also  specifies the interface between the mDL and mDL reader and the interface between the mDL reader and the issuing authority infrastructure.
  • ETSI (European Telecommunications Standards Institute) is an independent, non-profit standards organization that develops globally applicable standards for telecommunications, broadcasting, and IT in Europe.
  • W3C DID Core Specification (W3C): Defines a format and methods for Decentralized Identifiers (DIDs), allowing for cryptographic proofs and verifiable control without centralized authorities.
  • W3C Verifiable Credentials (VC) Data Model (W3C): Specifies a model for issuing, presenting, and verifying credentials in a decentralized manner.
  • GNAP (Grant Negotiation and Authorization Protocol): A modern alternative to OAuth 2.0, designed to offer more flexibility, including decentralized architectures. It can work with DIDs (Decentralized Identifiers) and Verifiable Credentials, making it a better fit for distributed identity models.




4


  • European eIDAS 2.0 & EBSI (European Blockchain Services Infrastructure): Defines a regulatory framework and infrastructure for trusted digital identity in the EU.




...