...
It was agreed to use Context Handler 2 as it was in production when OS2valghalla is was planned to be production ready in October 2023.
This means Context Handler 1 is not supported in OSvalghallaOS2valghalla.
Context handler 2 roadmap
...
It was a non-functional requirement to OS2valghalla 3.0 to support NSIS since this is the new security model used by KOMBIT and other public authorities in Denmark.
Using an Excel tool made by Digitaliseringsstyrelsen and KOMBIT the required security level has been set to ‘Betydelig’. This was done with help from Thomas Vangsaa from Vangsaa Consult.
...
Thankfully KOMBIT will distribute a so called ‘KLIK-opgave' that describes what is needed. The task has a deadline in May '24 (in relation to the new VALG-system) so we can’t demand it to be solved by the municipalities. But we can point to it to make them setup both their local IdP and their Fælleskommunal Adgangsstyring setup.
However some municipalities will not do this yet, since all systems using an NSIS ready IdP will have to use two factor login. This means some municipalities like Skive and Aarhus are running both an “old” IdP and an NSIS ready IdP until NSIS and two factor login is more broadly implemented.
NSIS vs. NIST security level
Until municipalities are ready for NSIS, it is possible to configure each municipality’s OS2valghalla to use NSIT security level instead. This is done in the supplier vendor end of Fælleskommunal Adgangsstyring.
...
We will set NIST security level to 3. This level requires two factor login, but the municipalities should be able to handle this.
Municipalities
...
without NSIS enabled IdP
On KOMBIT writes:
...