Digital

Blog

European Commission Digital

Release of CEF eIDAS-Node software version 2.3

@Pixabay 

The European Commission is pleased to announce the release of the CEF eIDAS-Node software version 2.3 on 20 June 2019.

Electronic identification (eID) and electronic Trust Services (eTS) are key enablers for secure cross-border electronic transactions and central building blocks of the Digital Single Market. The Regulation (EU) N°910/2014 on electronic identification and trust services for electronic transactions in the internal market (eIDAS Regulation) is a milestone to provide a predictable regulatory environment to enable secure and seamless electronic interactions between businesses, citizens and public authorities.

The eIDAS Network consists of a number of interconnected eIDAS nodes, which can either request or provide cross-border authentication. It is the responsibility of each country to implement their eIDAS node.

Release 2.3 of the eIDAS sample implementation for Member States is an all-in-one package for the Java platform. This release is based on version 1.1 of the eIDAS technical specifications.

Most notably, the following changes have been introduced:

  • Improvement in logging for better traceability of messages
  • Support of JCache: Ignite as default implementation
  • Migration to Java 8
  • Updated list of supported Web application servers:
    o   Glassfish 4: Full Platform replaced by Web Profile
    o   Dropped Tomcat 7, introduced Tomcat 9
    o   Dropped JBoss7, introduced Wildfly 15
  • Bugs and security fixes

In addition, the following updates have taken place in dependencies in order to avoid reported related vulnerabilities:

  • BouncyCastle dependency was upgraded to v1.60
  • Bootstrap dependency was upgraded to v4.3.1
  • jQuery dependency was removed from the node (i.e., from the Generic parts)

Finally, this release was successfully tested for interoperability with previous releases of CEF eIDAS-Node v2.2 and v1.4.5, and with the German Middleware v1.1.0

For a more detailed description of the changes introduced with this release please consult the release notes and section 3 "Changes” found in the eIDAS-Node Migration Guide.

Member States can use this release as a sample implementation for demonstration purposes or they can adapt it as a basis for their own eIDAS scheme.

The testing tools (demo SP, demo IdP), the supplied Specific part and the Simple Protocol, should be used for demo purposes only on your local machine, and should not be deployed in your infrastructure.

With each release, the CEF eID Team strives to improve users' CEF eID experience. Future versions of the technical specifications will be updated based on feedback received on this current version.