Create an ADR and flow diagram for cross signing of new logins using eID (own devices, not Fachverfahren)
Problem:
During the workshop, we discussed opportunities to simplify the login and onboarding UX of end users in different use cases.
In some cases, users have multiple devices, e.g. they have the FIT-Neo app installed and want to continue working on their computer. In this case, we should present a simple and intuitive way to cryptographically verify the new (browser) session using their eID, without user interaction.
ACs:
- follow the architecture decision making process to
- clarify
Goal:
A user should only need to use their eID card once rather than several times. As developers, we should provide an implementation permitting verification of additional sessions using the information recorded in an eID process without any user interaction.
Notes:
- Requirements uIDs: LB_27
Invisible crypto (device bootstrap using Bund.ID) if previous device is present (e.g. web)
- on first Bund.ID, device remembers personal details ("Stammdaten") of ID card -> regular verification on ID card change
- MSC1543 -> QR payload with HMAC signed with Bund.ID eID data -> can be verified -> Mismatch -> "Did you get a new ID card, please scan on present device as well."
- MSC1543 with HMAC signed umbrella rather than QR <-> camera -> disadvantage: trust in the eID server
Potential disadvantages:
- trust in the eID server
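
A sketch of the QR/HMAC note above, added here as an illustration and not taken from the project: the new session MACs its device data with a key derived from the eID attributes, and the existing device checks it against the Stammdaten it remembered. The attribute names, the key derivation, the label `eid-cross-signing-v1` and the JSON envelope are assumptions; the envelope is a simplification, not the MSC1543 wire format.

```python
import hashlib
import hmac
import json
import unicodedata

# Assumed attribute set; the ticket only says "personal details (Stammdaten)".
FIELDS = ("given_names", "family_name", "date_of_birth", "place_of_birth")
# Constructed sample record, not real eID data.
SAMPLE_STAMMDATEN = {"given_names": "Erika", "family_name": "Mustermann",
                     "date_of_birth": "1964-08-12", "place_of_birth": "Berlin"}

def _canonical(obj) -> bytes:
    # Stable byte encoding so both devices MAC exactly the same input.
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode("ascii")

def derive_key(stammdaten: dict) -> bytes:
    """HMAC key from normalised eID attributes (assumed derivation).
    The key is only as secret as these attributes are."""
    attrs = {f: unicodedata.normalize("NFC", stammdaten[f]).strip() for f in FIELDS}
    # Fixed label for domain separation from any other use of the same data.
    return hmac.new(b"eid-cross-signing-v1", _canonical(attrs), hashlib.sha256).digest()

def build_qr_payload(stammdaten: dict, device_id: str, device_key: str) -> str:
    """New session: bind its device id and public key to the eID-derived key."""
    body = {"device_id": device_id, "device_key": device_key}
    mac = hmac.new(derive_key(stammdaten), _canonical(body), hashlib.sha256)
    return json.dumps({"body": body, "mac": mac.hexdigest()})

def verify_qr_payload(stored_stammdaten: dict, qr_text: str) -> str:
    """Existing device: returns 'verified', 'mismatch' or 'malformed'."""
    try:
        envelope = json.loads(qr_text)
        body, received = envelope["body"], bytes.fromhex(envelope["mac"])
    except (ValueError, KeyError, TypeError):
        return "malformed"
    expected = hmac.new(derive_key(stored_stammdaten), _canonical(body),
                        hashlib.sha256).digest()
    # Constant-time comparison; a changed ID card and a tampered payload
    # both land here, so the UI asks for a fresh eID scan on this device.
    if not hmac.compare_digest(expected, received):
        return "mismatch"
    return "verified"
```

A `mismatch` result maps to the "Did you get a new ID card" prompt from the notes.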