DyslexicAtheistGerman implementation of eIDAS will require an Apple/Google account to function
That sounds like a very smart move at the time where Europe realize the US isn't such a gray partner and it's trying to reduce it's critical dependencies on foreign nations tech and infra. Good job.
I'm actually very surprised to see this from the germans who have this reputation of great engineering culture
I'm actually very surprised to see this from the germans who have this reputation of great engineering culture
Not in software. German software is awful. Think german cars, banks, telecoms etc
While I agree, it'd be hard to say that SAP is not good
SAP software is the bane of most people, who have to use it, except for expensive consultants, who make bank preying on hapless clueless companies opting to use SAP software.
Can anyone point me to where in the MDVN page it mentions requiring Apple and Google account? Thanks
Because the attestations will only work on iOS and Google Play integrity attested devices. Meaning Apple and Google accounts required.
I spent months designing a system, exactly like this. An account is not needed, at least for Apple.
Play Integrity could the worst offender here, as it can be leveraged to force a user to have installed the app through the Play Store. Indirectly, requiring a Google account.
Mastodon thread on this topic: https://mastodon.social/@pojntfx/116345677794218793
See also this issue from 2025 where the developers responded: https://gitlab.opencode.de/bmi/eudi-wallet/wallet-developmen...
AFAICT, there is no mention of an Apple or Google account being required in general - the documentation just lists "signals" that are used to securely authenticate a person - such as Google's/Apple's security ecosystems.
I am not sure what this means in practice.
Can anybody with deeper understanding explain the actual implications and possible outcomes?
(Note: BMI is the German Federal Ministry for the Interior)
All these requirements for specific hardware and software are ridiculous. Let every citizen use whatever computer they want. It should be up to the user to secure themselves. Authentication should only require a password or a key pair. If the user wants more security, they can set up TOTP or buy a security dongle or something.
It's also ridiculous how it seems we've forgotten computers other than smartphones exist and that not everyone even has a smartphone, let alone with an Apple or Google account.
I am shocked that there isn’t more opposition from the general public to policies like this that erode privacy and freedom. I am a parent and can appreciate the need to control what children do on the internet, but at some point parents need to parent. I fear we’re giving up a lot of freedom and adding unneeded complexity under the guise of keeping children safe.