Digital

Blog

European Commission Digital

Release of CEF eIDAS-Node software v.2.5

The European Commission is pleased to announce the release of the CEF eIDAS-Node software version 2.5 on 11 December 2020. 

Electronic identification (eID) is a key enabler for secure cross-border electronic transactions and is a prerequisite for both online public services and the digital economy. The eIDAS Regulation provides a foundation for a predictable regulatory environment for secure and seamless electronic interactions between businesses, citizens and public authorities. It provides a framework for the mutual recognition of national eID schemes across the EU.

The eIDAS Network consists of a number of interconnected eIDAS nodes which implement the framework provided by the eIDAS Regulation. The nodes are used to either request or provide cross-border authentication. Thanks to these nodes, citizens and businesses are able to use their (notified) national eIDs to authenticate their identity and access services in other Member States.

Although each country is responsible for implementing their own eIDAS node, each node is based on common European technical specifications. In order to support Member States in developing their node, the Commission provides a reference implementation of the eIDAS Node, which many Member States choose to adapt and reuse.

The latest version of this reference software is the CEF eIDAS-Node software version 2.5. This release is the first to be based on version 1.2 of the eIDAS technical specifications. It incorporates the feedback provided by Member States in response to the pre-release of the node software already shared.  The latest release of the node software incorporates the following main updates:

  • Technical Specifications 1.2:
    • Extension of Connector’s and Proxy-Service LOA validation to non-notified scheme LOAs
    • Extension of  Simple Protocol request to allow support to non-notified scheme LOAs
    • Implementation of support for 1.1 and 1.2 eIDAS specification for Gender attribute
    • Align allowed signature algorithms to eIDAS specification 1.2
    • Appropriate extensions to support RequesterID
    • Restriction of the node configuration to the use of TLSv1.2
    • Publication of the NodeCountry
    • Remove “Unspecified” from Gender possible values
    • Extend Light Response to allow support of SAML consent values
  • Break of the LightRequest / LightResponse interface:
    • Add SP Country Code to Light Request interface
    • Generation of LightMessage model  from XSD
    • Extend Light Response to allow support of SAML consent values
  • eIDAS Default parameters configuration
  • Jcache support for the eIDAS Node
  • Logging of messages eIDAS Node 2.x branch
  • Bug fixes
  • Security fixes
  • Source code fixes
  • Documentation fixes

This release has been successfully tested for interoperability with previous releases of eIDAS-Node versions v2.4.0 and v1.4.5. It was successfully tested and works with Middleware version 2.0 (2.0.1).

For a more detailed description of the changes introduced with this release please consult the release notes and section 3 "Changes” found in the eIDAS-Node Migration Guide.