Here is the gist (directly taken from the website):
> Governikus provides the online service for authenticating your OpenPGP key on behalf of the German Federal Office for Information Security (BSI). This online service compares the name read from your ID card, your electronic residence permit or eID card for citizens of the European Union with the name specified in your OpenPGP key. If the names match, your public key is electronically signed by Governikus, confirming the match. The Governikus public key can be used to verify the Governikus electronic signature.
So this is apparently useful if somebody wants to send an encrypted email to somebody else and want to ensure that only the desired person can read the email. For that the sender would have to check that the OpenPGP key got signed with the Governikus public key before encrypting and sending the message.
What that doesn't seem to address are multiple people with the same name. So the sender know he's sending an email only John Doe can read, but he still don't know which John Doe it is.
To me that sounds like something which makes only sense for a few limited use cases.
This is not indented as a bullet prove government authentication system, if you need this use the eID card directly.
The goal is to have a CA for (existing) OpenPGP keys which checks if the name in it is matching the one from the identity card. When you sign a PGP key to tell that you trust it you should compare the name in the identity card or passport with the one from the key, this system does it automatically.
One tricky part is that many people like me leave out some names in the PGP key. In the first implementation of the PGP signing service it only ensured that at least one first name and one last name is also in the PGP key. I do not know if this is still the case.
> I worked for Governikus some years ago and worked on the initial version of this service.
Do you happen to still know some people at Governikus? I've been wondering for years why their AusweisApp2 is so ridiculously bad. (For everyone else: It's the official government app to scan the NFC chip in your ID to use it for authentication online.) I have not been able to authenticate successfully even once in all these years. Every single time the app keeps telling me I should scan my ID again, and again, and again. Contacting Governikus support has been completely useless as well, and the reviews on the Google Play Store speak for themselves I think.
Why is it so hard to fix this and why does Governikus support keep pretending I'm simply not scanning my ID "correctly" (i.e. holding my ID against my phone in the right way) when clearly the app is not working properly?
> But you have to hold the ID in the spot for NFC scanning for a solid minute, including while you type the PIN.
And I did. I have tried all kinds of ID <> phone positions (I also looked up where exactly the NFC chip is in my phone) and always made sure not to move ID at all while scanning it.
I have even tried it on other phones, and I also asked several friends. No one has been able to use the app successfully.
I've had it working on several Google Pixels, Nokias, and Sony Xperias. With the eID of myself and several friends.
Try if you can reliably read and write simpler NFC cards (e.g. a Mifare card as common for eTicket or university cafeteria cards). I'd like to see if it's something NFC-related or related to the eID specifically.
I'll make sure to continue to check this thread for a reply from you, as I'm now genuinely interested in what's going wrong here.
Thanks so much for trying to help me! I appreciate it.
I don't have any other NFC cards, unfortunately. But I've tried it on a BQ Aquaris X Pro, Google Pixel 3a and Google Pixel 5 (my current phone).
Also, the app manages to read my ID initially (it displays some personal data of mine) but then it asks me to scan the card another couple times and the third or fourth readout then fails (every single time) and I end up being back to square one (because I need to start the whole authentication process again).
> Also, the app manages to read my ID initially (it displays some personal data of mine) but then it asks me to scan the card another couple times and the third or fourth readout then fails (every single time)
Then it's definitely a case of bad positioning. The app has a limit of three or four attempts, so you're definitely running into that, but if you're seeing the app able to read some data but not reliably, then you don't have the card in the right position.
It may be that while positioning the card you, unknowingly, put it in the right position for a short moment, which allows it to read some data, but by the time it's actually trying to authenticate, you're already out of position.
> Then it's definitely a case of bad positioning. The app has a limit of three or four attempts, so you're definitely running into that, but if you're seeing the app able to read some data but not reliably, then you don't have the card in the right position.
I don't think that's the case. As I mentioned, the first reads always work. But then, later, when it asks me to hold my ID card against my phone once more (for the final authentication) it always fails.
Again, I have looked up my phone's NFC wiring and I have also tried other phones. The card is in the right place.
> What that doesn't seem to address are multiple people with the same name. So the sender know he's sending an email only John Doe can read, but he still don't know which John Doe it is.
That's not the way I read this. Governikus validates the names match, but they're linking the PGP key with the government ID, which should have some sort of unique identifier. What Governikus ought to be signing is a link between the PGP key and the government card's unique identifier. The name ought to be purely informational, and I wouldn't be surprised if the government has a public service showing the name of a person after supplying the unique ID as a parameter.
It does not have such a service. In fact, it is prohibited to use the document number for any other purpose than identifying the document itself, even for government entities.
I might be wrong but IMO the point is sign a key/subkey with something all trust, instead of having key-signing parties or unsigned keys. This allow John Doe to publish a public key other already trust it's belong to him.
Is there a reputable identity provider that would verify a passport, SSN or similar, preferably in person, and link that to an OpenPGP key with metadata same as in the ID?
Similar to this service, but linking not just the name, but more secure unique identity data. Linking the person’s name to the key is not very useful, since there are many people with that name.
That’s basically a government issued smart card, that would allow the use of OpenPGP A-E-S keys for arbitrary data through a FOSS API.
eID pretty much replicates Keybase, except it's concerned with real world identity (matching your given and surname to your pubkey) rather than pseudonymous identity (matching your twitter handle or reddit account or whatever else to your pubkey).
> that would allow the use of A-E-S keys for arbitrary data through a FOSS API.
You can use your ECC (or RSA) keypairs to negotiate an AES or chacha+poly session key. Most cryptosystems do that (ECDHE, or DHE for RSA) now since:
1. session keys are faster (in terms of CPU) than just encrypting with the remote's pubkey.
2. if the session key is stolen, you just get access to that session (perfect forward secrecy).
3. group chats just store the session key encrypted chat, plus copies of the session key encrypted with everyone's pubkey, to save storage.
A public key is a pretty bad identifier by itself. The combination of a good identifier with a public key/certificate binding to it is pretty powerful, though.
The US has a good public identifier (SSNs), but they are completely unauthenticated. German arguably has the opposite: Widely available e-signature capable ID cards – but they only bind to your name (and DOB).
I'm not sure you understand Germany. They barely emerged from one of the most oppressive surveillance regimes ever created and rightly vowed to make it as difficult as possible to arrive there again; everything you've just described is taboo if not illegal. Even using a dashcam is tightly regulated.
In new zealand there's a log in service used by the government across all services called realme, you can't link a pgp key etc but you do verify yourself in person with license or passport. it works quite well
Clear (https://www.clearme.com) could have the business market LOCKED UP if they would - on an opt-in basis - tie their biometic data to an OpenPGP key. Its been proposed to them in the past but I think they suffer from myopia.
Their business model isn't identity. It's rev share with airports to cut the TSA line. The biometrics are theater as part of the product. (control-F "Risks Related to Our Business, Brand and Operations" from Clear Secure's most recent 10-K)
> Clear doesn’t do any actual security screening of passengers, a process reserved solely for the TSA. The New York-based company verifies customers’ identities and escorts them to the front, using revenue-sharing agreements with the airports or airlines that control the lines to secure an advantage for its fliers.
Wait they really do nothing more than verify identity? As in the same the the person working there does checking ID? Is the only purpose to get people to cut the line but to add smoke and mirrors so it seems like that’s not the point? If that’s the case, why don’t airports just let people pay to cut the line?
> If that’s the case, why don’t airports just let people pay to cut the line?
They do. That is what Clear is for (just as Ticketmaster takes the heat for venues or artists taking more from customers via fees). You mean "why don't they make it more overt?" That's a great question.
Yeah my point was why don’t the make it more overt? I mean we’re talking about airports here. Airlines nickel and dime you more and more. I’m surprised airports wouldn’t just be open about. I mean there are already priority lanes and first class etc. Why hide the purpose of clear?
I think there’s some sort of revenue share. At the end of the day, all they do is a IAL-2 in-person or online validation (not sure if they do that in all cases) of your drivers license. They the link that to a biometric, which may or may not also be IAL-2.
Personally, I don’t get the point. I can pay for clear and avoid a line at Yankee stadium because they validated my drivers license and confirmed that I’m not a felon. If I am a felon, some dude looks at my backpack and I experience the same outcome.
I worked with a few of these things during the pandemic. They are all vulnerable to frauds with online validation. If you care about that, the best option is something like Idemia with in-person validation.
Holy shit! I didn’t realize Clear existed outside airports. So they are just some general purpose line cutting company? Presumably they track a shitton of information on people cutting lines, and both profit off of people paying them and the information they gather. I wish I’d could say that business getting a proposal to partner with Clear would tell them to take a hike, but I guess few American companies really have any integrity left.
What's the primary key to identify a German citizien? The full name is certainly not unique. Even combined with birthdate duplicates do probably exist. Some countries have something like a social security number. Of course those exist in Germany, too, but using them cross-functionally has long been deemed unconstitutional. So the tax office can use the tax number, but that cannot be shown e.g. in your passport or drivers licence. Analogously with every other identifier. I think some law and order politicians have tried to weaken this up, but I guess it's still not fully allowed.
Asking out of real curiousity. I am German citizen, but have not lived there after the first government office got a PC.
Unfortunately it's not a clearly written clause. It's derived from the dignity of humans and similar general terms. So the interpretation has changed over the decades. As long as the GDR existed it was clearly considered a property of a totalitarian state. Existed in the GDR (East) but unthinkable in the Federal Republic (West). Maybe 15 years after reunification (don't quote me on the exact number) a permament nationwide tax id was introduced. With the promise that its usage will forever be limited to tax offices and exchange with any other authorities is illegal. Another 15 years later that promise was "forgotten" and now the tax id can be exchanged with many authorities. It's relatively new and probably not widely used yet. But the dams have been opened.
Yes, that's a better explanation of the constitutional status, thank you! (Supreme court decision vs. an explicit clause in the constitution.)
FWIW, I think in this age of massive databases that can be effortlessly joined on fuzzy matching criteria, the lack of a unique person identifier is more of a hurdle for legitimate use cases than a safety measure against government or corporate overreach.
One good thing about it is the complete lack of the horrible "SSN as both primary key and bearer authentication token" pattern that's commonplace in the US, though – but the alternatives are pretty annoying, in my experience.
That sounds a bit like how SSN use in the US has broadened from its original scope. Any government power, once granted, seems only to ever increase in scope.
You must either own an ID card or a passport. This means having an ID card is optional. Does the German passport have a unique identifier as well? (never owned one)
The tax number otoh is assigned at birth.
There are (according to the BMI[1] (German interior ministry)) only two reason to have multiple passports:
The first being the one you stated and the second being multiple (visa requiring) travels in a short enough timeframe so that your passports would have to be lying at the foreign countries embassies/consulates at the same time.
Seems like motivation enforcement is quite strict, as they do state that you can't even get two passports for the "enemy visa" reason when the visits are just planned, but you can't prove it yet (palne tickets etc.) you won't get it, and you'll have to go to the German embassy after you can prove it...
I wonder if the city of birth is relevant too for uniqueness. I imagine the collision prevention then falls in the hands of the city administration office. It'd be funny if there's a Hans Müller born on 31 May 2023 in Frankfurt, and another Müller family wants to register a Hans, also born in Frankfurt, also on the same date, they might say "Sorry, that name is taken already".
Of course it'd be complicated if e.g. the 2 Hanses were born in a foreign country with no such checks, and moved to Germany later on...
It certainly isn't prohibited but does cause issues if Name/DoB/City of Birth coincide. There are a few cases where speeding tickets and arrest warrants end up with the wrong Mr. Müller.
The description implies that it does name matching only:
> This online service compares the name read from your ID card, your electronic residence permit or eID card for citizens of the European Union with the name specified in your OpenPGP key. If the names match, your public key is electronically signed by Governikus, confirming the match.
Germany does not use a global unique identifier like the social security number in the US. The Germans do not like such global identifier for people because the the Nazis used them and data protection is very important in Germany.
This is in fact not correct. There are two unique identifiers for every german citizen, first the so called "Rentenversicherungsnummer" and the "Steueridentifikationsnummer". Both are assigned at birth.
The usage of the Rentenversicherungsnummer is strictly limited by law, basically to pension-related administration. It cannot be legally used for general purpose.
The Steuerindentifikationsnummer used to be strictly limited to tax purposes. Against original political promises the legislation has been changed 2 years ago, weakening the limitations. I am not familiar with the details.
That's "propaganda" by the ministery, not answering many questions. They only claim that all government administration will become digital, smooth, and much cheaper.
Is it allowed to use the Steuer-ID for non-government purposes?
An enacted law is not "propaganda", it's the law. You can ignore all the fluff around the factual statements if you like.
The number is only intended to be used by government entities. The law restricts usage to census and communication with government entities (as well as already established tax-related use).
The law is not. But the press release you linked just promised bright future without giving any somewhat nuanced information. Mentioning the number of 584 (whatever it was...) authorities might sound like detail. But it it's completely useless for a single citizen. These are authorities all over the country, no citizen will ever interact with most of them. What I wnat to know how far does it reach for a single resident and where are the limits. The press release does not take citizens into account at all, it's just poor, that's why I called it "propaganda".
(At the moment I am citizen, but not a resident so I have no Steuer-ID yet. But a) it might become a resident some day again and b) as a citizen I occasionally have interact with various authorities anyway. So on top of being interested what happens in Germany in general it might affect me personally.)
An increasing number of previosly public administrative functions have been privatized. Does that immediately mean that data exchange stops there?
The number mentioned is of services, not entities supplying them (there are far more as many are rendered on a local level). A typical citizen uses a few dozen of those although often only once a decade or so. The text probably doesn't go into detail as that is part of another set of legislation.
I can't think of a service like the ones on the list that has been privatized. The law as written would not extend to that but who knows what would be enacted in that case.
Anyway, this is all theory so far as they are still in the stage of drawing up a technical architecture.
Absolutely. Credit scoring is a shady business and as a person educated in Germany I think shady business should be kept away from government information as much as possible.
A unique identifier is hardly "government information".
In any case, Germany does not have one, yet Schufa (the German credit scoring agency) still exists and still is able to build profiles on everybody living in Germany. So what's the gain?
Data mining operations like them will be able to perform good-enough matching based on fuzzy data like current and previous address; it just makes it more likely for errors to happen due to non-unique names and incorrectly merged or split credit profiles, and makes legitimate requests for your own data more difficult than necessary.
In Germany it is. Nobody else but government offices (federal, state, county, municipal) is allowed to use them. E.g. employers have access to them, but still they are legally required to only use an internal employee number for their internal operations.
Creating one that is shared between private instances would require explicit consent by the citizen to every company to use it according to GDPR. Well, of course Schufa requires consent too, which is not truly a decision a citizen can make. If you don't agree I don't think you'd find any bank opening an account. But I do hope there will such a public outcry if anybody tried to start such surveillance again today, it would fail in the beginning. Like Google Streetview did.
I am not convinced the Schufa score data quality is always very good. (Not living there I cannot request my own one, just a feeling.)
> In Germany it is. Nobody else but government offices (federal, state, county, municipal) is allowed to use them.
That still does not make it "government information". It's a primary key that (currently) may not be used by the industry. But by itself, it does not identify anything or anyone. In that sense, it's even less sensitive than a name; realistically though, if it's widely stored next to the associated name anyway, it's effectively the same as a name in terms of sensitivity.
A credit score is effectively a database shared across the financial industry. As such, it needs some sort of primary key. That can be either be something globally unique, like an SSN or equivalent, or a wonky composite primary key (first_name, last_name, date_of_birth, last_known_address) which will cause lots of false positives and false negatives:
What if you change your name? What if you move? What if there's somebody with the same name born on the same day in the same city? What if the spelling of your city has changed between your birth and your time of requesting a loan/credit card?
You may object to the idea of credit scoring in general, but being ok with credit scoring, yet objecting to the usage of a sane primary key to do it, makes no sense to me.
If a reliable primary key exists, it can easily be misused for many purposes: On the more benign side replace the Android Advertisement ID. On the malign side registering political opinions of citizens.
I don't want to live in such society. Yes, bad things can and have be done before. But making them simpler, cheaper, and more scalable needs to be avoided.
Fuzzy primary keys might have been a deterrent in the past century, but I seriously doubt that they'd stop anyone today from creating detailed user profiles. Not having reliable primary keys is a technical non-solution for a regulatory problem.
The much more effective solution here is to regulate businesses in when they can request/use somebody's primary key and/or other PII, and to simply not allow it in any case where a pseudonymous identifier or partial information (e.g. only somebody's approximate age rather than their full date of birth) would do just as well.
I live in a country where a unique identify number exists (social security number). People that understand something about information security would know that knowledge of a primary key is not authentication. It has not deterred the government or the courts to accept that knowledge of the social security number makes any contract valid. Example: If someone takes a loan with your number, you pay it back. You could argue that's not the fault of they key, that's the fault of the government and the courts. I have seen so much stupidity here that I am convinced that the traditional West German standpoint that a unique identifier violates human dignity makes sense. That Germany forgets their history is a pity.
So your actual objection to SSN-like numbers isn’t that they’re bad for privacy but rather that they’re a poor bearer token authentication mechanism? I think nobody was ever arguing that.
And Germans arguably aren’t “forgetting their history”, they are just regulating to achieve desired outcomes (no government and corporate privacy invasion; strong authentication where necessary), not mechanisms (no unique identifiers).
Times and technology change, so why uphold an old (interpretation of) law that is neither necessary nor sufficient to achieve the desired outcome in the present day?
The service checks if the name in your PGP key matches the name in your identity card and signs your PGP key if it matches. I think it also checks if you can receive mails on the mail address in your PGP key.
You can then use your PGP key to sign or encrypt emails or sign your git commits or other stuff you can do with PGP keys. Others who trust this signing service then known that this key really belongs to someone with your name.
> Others who trust this signing service then known that this key really belongs to someone with your name.
Yeah, but who are these others?
I mean I know how PGP key signing is supposed to work. But that all is entirely hypothetical.
It would be meaningful if e.g. there would be a requirement for gov agencies to accept communication with such keys with the same value as written communication. But "some fictional people may care about this signature" is meaningless.
Government agencies are required to accept de-mail, which is a proprietary email-like service. However, rollout has been nonexistent even among government agencies such that you cannot practically use it anywhere, they are a decade behind their rollout plan. The system itself is design-by-committee fugly, insecure and plain weird. You have to get an account with a commercial provider, all of which have closed down by now. PGP/GPG cannot be used with de-mail (except if you copy&paste the ascii-armored ciphertext into the software), and de-mail encryption is intentionally breakable anyways (officially "to scan for viruses").
The eID/ePA "elektronischer Personalausweis" electronic RFID passport which you need to use is another such weird proprietary waste of taxpayer money, accepted nowhere because it doesn't follow any standards and using the RFID function (e.g. as a bank for opening an account) costs tens of thousands per year just for the certificate you need. So nobody uses it and nobody enables the RFID functionality. Therefore the govt got the brilliant idea (among other, far less pleasant ideas such as requiring it for certain payouts) to offer free signatures on GPG/PGP keys using the ePA.
There’s a few decent uses for eID. I used it in the past year to submit my tax declaration (Elster), to change the bank account for car taxes (Zoll Portal), and get an overview of my government retirement insurance. All of these would be possible without the eID but generally involve getting a snail mail letter as authentication.
That is rather slim picking considering all other government interactions and especially private business interactions I did where it could’ve been useful but I’m glad I could do all least some stuff online.
You generate a key pair signed by a public administration, so you can "self-start" your chain-of-trust without key-signing parties witch is and was the biggest GPG/PGP issue so far...
A web-of-trust with ONLY people I trust/know personally means a small island. Maybe useful in some VERY limited context, but definitively not in general.
Let's state instead a fictional scenario: you got an email from John Doe, is really from him? Well, if it's signed with a GPG key signed by a government authority probably yes (at least, if it's not him he have successfully steal card&credentials to sign his key or something even more complex). Did you know the small "key-icon" GMail offer in it's WebUI for "trusted messages" from some well-known vendors? Well, with this you can replicate the same with anybody in Germany, trusted not by a private company but by a government authority.
It's still marginal since most would not use such system, but potentially it's a pretty logic idea and a very good news.
I'd argue there is nothing worth encrypting that John Doe could communicate. Anything important in this world is best left only to people you trust. What is John Doe gonna do for you?
If your PGP key isn't signed by anyone, then there's no way to verify that it's really you - other than contacting you and checking the fingerprint.
By having a trusted third party such as Governikus sign it, anyone can verify instantly that _this_ PGP key is actually from a person with a _name_ for which they also have a government ID with that exact name.
I can envision a _lot_ of use cases for having your name publicly recognized by a trusted party.
Neither can I find out a technical description what is actually certified and how. Email seems like a very insecure concept. How do they verify who controls a mailbox/email address?
Signing message contents I understand. But email headers can be faked in various ways.
This mostly looks like open software, which seems positive
But in the end you can only get/use it using Google, Microsoft, Apple or Huawei. As a German citizen I don't agree that I have to sell my freedom to American companies or a Chinese one, which show little respect for our legislation. Neither as companies nor countries they reside in and whose legislation they have to comply with.
> As a German citizen I don't agree that I have to sell my freedom to American companies
I mean your government already sells it to the USA government; why would you expect it to go any other way?
It doesn't look like it's going to change either especially since the EU is writing laws and policies that guarantee dependence on American tech companies.
I'd probably have been better saying gives the US the data but realistically they are "selling" it in return for benefits. They aren't just handing it over without getting anything for it.
The OpenPGP stuff in Germany is not officially required to be accepted as a paper signature replacement anywhere. They are just doing this as an advertisement for the eID/ePA electronic RFID passport functionality that nobody wants.
OpenPGP is pretty good, I don't get why it gets criticism to be honest. It even has support for quantum resistant cryptography now if I recall correctly. It's also pretty easy to use. OpenKeyChain for Android works great. So does Kleopatra on Linux. Even thunderbird has support for it
I recently came along this post [0], which pretty much killed PGP for me. I certainly cannot follow all technical detail in the post, but I do see that cryptography has moved on and now offers e.g. forward secrecy.
I should add that some of the risks mentioned in that post can be mitigated by proper user behavior (use a sufficient key length, limit the lifetime of your key). But then PGP is sufficiently complex and error prone (in using it and apparently in its technical complexity), that I don’t believe that it scales to everyone and their grandma using it.
And you can get a standard X.509v3 certificate from the FNMT (https://www.fnmt.es/en/ceres), or other agencies, which identifies you online for government purposes.
> Governikus provides the online service for authenticating your OpenPGP key on behalf of the German Federal Office for Information Security (BSI). This online service compares the name read from your ID card, your electronic residence permit or eID card for citizens of the European Union with the name specified in your OpenPGP key. If the names match, your public key is electronically signed by Governikus, confirming the match. The Governikus public key can be used to verify the Governikus electronic signature.
So this is apparently useful if somebody wants to send an encrypted email to somebody else and want to ensure that only the desired person can read the email. For that the sender would have to check that the OpenPGP key got signed with the Governikus public key before encrypting and sending the message.
What that doesn't seem to address are multiple people with the same name. So the sender know he's sending an email only John Doe can read, but he still don't know which John Doe it is.
To me that sounds like something which makes only sense for a few limited use cases.