Add README
This commit is contained in:
parent
033ed40e48
commit
7122948a1c
1 changed files with 42 additions and 0 deletions
42
README.md
Normal file
42
README.md
Normal file
|
|
@ -0,0 +1,42 @@
|
|||
# XenID - A Dutch eIDAS client for Linux
|
||||
## Usage
|
||||
Install XenID, along with the resource files. This is best done with NixOS,
|
||||
right now. If using other systems, check `package.nix` to see where the
|
||||
resources go. That's it.
|
||||
|
||||
Any use of the DigiD ID-card check will now pop up XenID, allowing for quick
|
||||
and easy login with any (DigiD-activated) ID card.
|
||||
|
||||
## Security
|
||||
This program does not persist your ID card's PIN, and requires user interaction
|
||||
before allowing a DigiD authentication to continue.
|
||||
|
||||
It does not and could not know anything about your login, other than the name:
|
||||
When authenticating, a special session is created by the DigiD server, and
|
||||
provided through the URL used to open XenID. This session can only be used to
|
||||
interact with the ID card login process, and provides no long-term keys.
|
||||
|
||||
The communication between the card and DigiD is encrypted with a key only the
|
||||
card and the DigiD authentication server know, and the DigiD server never gets
|
||||
to see your PIN code.
|
||||
|
||||
## History
|
||||
The Dutch governent has a login system for citizens and residents, but all
|
||||
supported login methods are cumbersome, especially for users of fully open
|
||||
systems. Either way, you end up having to lug around a phone, alongside
|
||||
your laptop or desktop.
|
||||
|
||||
Thankfully, in 2022 someone WOO'd (Wet Open Overheid, Law on Open Goverment)
|
||||
the governent, which provided us with the majority of the source code of both
|
||||
the server and client side of this system.
|
||||
|
||||
Simultaneously, in the 2021 refresh, the ID cards were supplied with an eIDAS
|
||||
login function. Not much was known about this, and the only way to use this
|
||||
functionality was to use a digid-activated smartphone, which intensely limits
|
||||
its use. A desktop application was teased, and possibly released, but lost to
|
||||
time. However, the option still showed up to anyone logging in through DigiD,
|
||||
teasing them.
|
||||
|
||||
A while back, Puck spent some time digging through the WOO source, and wrote
|
||||
XenID, a Linux-native client, using the same entry point as the original eID
|
||||
client. Which you are looking at right now.
|
||||
Loading…
Add table
Add a link
Reference in a new issue