EU Identity project turns its back on Information Card

The EU Commission funded project STORK announced during its second Industry Group Meeting, that they have decided on SAML 2.0 as protocol for its technical architecture.
The STORK project is the primary pilot project assigned by the EU commission to test cross border electronic identification between citizens and electronic services across Europe.

The first Industry Group Meeting resulted in feedback suggesting that the proposed architecture have potential vulnerabilities with respect to man in the middle attacks.
The combination of the solution to this problem and the selection of SAML 2.0 as the protocol of choice effectively prevents the use of the Information Card technology developed by the Industry during the past five years. The reason for this is that the Information Card model, which also use SAML assertions, uses WS-Trust as its primary exchange protocol and not pure SAML.

PKIX Meeting Minutes and Presentations

The PKIX group of the Internet Engineering Task Force met this Monday in San Francisco.
I made several presentations at this meeting but my main focus was on presenting the Visual eID Project and in particular the standards efforts that is required to form a complete technical solution.

Meeting minutes and presentations are available from

Events in March - ETSI ESI#23 and IETF 74