-
Notifications
You must be signed in to change notification settings - Fork 256
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
EU regulations conformance #190
Comments
Hi there, good question. We have not done any qualifications/ certifications w.r.t. eIDAS or s.th. similar. As we rely on GitHub as a identity provider, they would also be part of that I guess. Is this a requirement for you? Any further hints/ pointers? |
As a french company, we need the CLA signing process to conform to the french law which is governed by EU eIDAS regulations. |
This is where we follow the same flow as all other GitHub applications. We use oauth to obtain a user token and that token is used for authentication and the proof for that specific identity. I am wondering if we automatically reach the first stage by implementing server-side oauth. I will reach out to a few colleagues internally and try to get some more information on that topic. |
Ok. Right now we cannot judge the relevance of eIDAS and if it is applicable for CLA assistant. We can answer technical questions on how user authentication and such are performed, but cannot guarantee any conformance with that regulation. |
Hello,
Could you tell me if cla-assistant is conform to the EU eIDAS regulation on digital signatures?
In particular, I'm interested to know if it meets either the "simple", "advanced" or "qualified" criteria.
Thanks!
The text was updated successfully, but these errors were encountered: