Release of CEF eIDAS-Node version 2.3.1
©Adobe Stock
The European Commission is pleased to announce the release of the CEF eIDAS-Node software version 2.3.1 on 29 October 2019.
Electronic identification (eID) and electronic Trust Services (eTS) are key enablers for secure cross-border electronic transactions and central building blocks of the Digital Single Market. The Regulation (EU) N°910/2014 on electronic identification and trust services for electronic transactions in the internal market (eIDAS Regulation) is a milestone to provide a predictable regulatory environment to enable secure and seamless electronic interactions between businesses, citizens and public authorities.
The eIDAS Network consists of a number of interconnected eIDAS nodes, which can either request or provide cross-border authentication. It is the responsibility of each country to implement their eIDAS node.
Release 2.3.1 of the eIDAS sample implementation for Member States is an all-in-one package for the Java platform including binary distributions for Glassfish, WildFly, Tomcat, WebLogic, WebSphere and the source code (Maven project). This release is based on version 1.1 of the eIDAS Technical Specifications.
The main change in release 2.3.1 is the added fix for a reported vulnerability. The CEF eID Team informed the Member States and closely collaborated with those which were known to run a version of the node with the identified vulnerability to put the right precautions in place.
Finally, this release was successfully tested for interoperability with previous releases of CEF eIDAS-Node v2.3 and v1.4.5, and with the German Middleware v1.1.0
For a more detailed description of the changes introduced with this release please consult the release notes and section "3. Changes” of the eIDAS-Node Migration Guide.
Member States can use this release as a sample implementation for demonstration purposes or they can adapt it as a basis for their own eIDAS scheme.
The testing tools (demo SP, demo IdP), the supplied Specific part and the Simple Protocol, should be used for demo purposes only on your local machine, and should not be deployed in your infrastructure.
With each release, the CEF eID Team strives to improve users' CEF eID experience. Feedback received on this version will be used as a basis for updating future versions of the eIDAS node software and the technical specifications.