[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[www-reclaim] 01/06: initial import
From: |
gnunet |
Subject: |
[www-reclaim] 01/06: initial import |
Date: |
Wed, 24 Jun 2020 19:32:33 +0200 |
This is an automated email from the git hooks/post-receive script.
martin-schanzenbach pushed a commit to branch master
in repository www-reclaim.
commit 7f8e7a9bb2131eb99628beff95488efd2d4af3ad
Author: Schanzenbach, Martin <mschanzenbach@posteo.de>
AuthorDate: Mon Dec 2 11:41:36 2019 +0100
initial import
---
.gitlab-ci.yml | 29 +++
404.html | 24 +++
Gemfile | 30 +++
_config.yml | 44 +++++
_includes/footer.html | 6 +
_includes/head.html | 16 ++
_includes/header.html | 16 ++
_layouts/default.html | 15 ++
_layouts/page.html | 15 ++
_layouts/post.html | 8 +
_pages/00_index.html | 40 ++++
_pages/01_technology.html | 91 +++++++++
_pages/02_users.html | 73 +++++++
_pages/03_forwebsites.html | 64 ++++++
_pages/04_motivation.html | 33 ++++
_pages/05_faq.html | 25 +++
_posts/2018-07-20-welcome-to-jekyll.markdown | 25 +++
_sass/_base.scss | 19 ++
_sass/_layout.scss | 278 +++++++++++++++++++++++++++
assets/Reclaim-2.png | Bin 0 -> 64553 bytes
assets/Reclaim-3.png | Bin 0 -> 73011 bytes
assets/Reclaim-4.png | Bin 0 -> 66685 bytes
assets/Reclaim-5.png | Bin 0 -> 68865 bytes
assets/Reclaim-6.png | Bin 0 -> 70225 bytes
assets/gnunet.png | Bin 0 -> 9620 bytes
assets/proxy_setup.png | Bin 0 -> 83629 bytes
assets/reclaim.png | Bin 0 -> 70225 bytes
assets/reclaim_eq.png | Bin 0 -> 20466 bytes
assets/reclaim_icon.png | Bin 0 -> 7834 bytes
assets/reclaim_logo.png | Bin 0 -> 14337 bytes
assets/reclaim_oidc.png | Bin 0 -> 24859 bytes
assets/strength.png | Bin 0 -> 36357 bytes
css/bootstrap.min.css | 7 +
css/main.scss | 6 +
impressum.html | 22 +++
privacy.html | 142 ++++++++++++++
36 files changed, 1028 insertions(+)
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
new file mode 100644
index 0000000..d1ccd82
--- /dev/null
+++ b/.gitlab-ci.yml
@@ -0,0 +1,29 @@
+image: ruby:2.3
+
+variables:
+ JEKYLL_ENV: production
+ LC_ALL: C.UTF-8
+
+before_script:
+ - bundle install
+
+test:
+ stage: test
+ script:
+ - bundle exec jekyll build -d test
+ artifacts:
+ paths:
+ - test
+ except:
+ - master
+
+pages:
+ stage: deploy
+ script:
+ - bundle exec jekyll build -d public
+ artifacts:
+ paths:
+ - public
+ only:
+ - master
+
diff --git a/404.html b/404.html
new file mode 100644
index 0000000..c472b4e
--- /dev/null
+++ b/404.html
@@ -0,0 +1,24 @@
+---
+layout: default
+---
+
+<style type="text/css" media="screen">
+ .container {
+ margin: 10px auto;
+ max-width: 600px;
+ text-align: center;
+ }
+ h1 {
+ margin: 30px 0;
+ font-size: 4em;
+ line-height: 1;
+ letter-spacing: -1px;
+ }
+</style>
+
+<div class="container">
+ <h1>404</h1>
+
+ <p><strong>Page not found :(</strong></p>
+ <p>The requested page could not be found.</p>
+</div>
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..3a09b03
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,30 @@
+source "https://rubygems.org"
+
+# Hello! This is where you manage which Jekyll version is used to run.
+# When you want to use a different version, change it below, save the
+# file and run `bundle install`. Run Jekyll with `bundle exec`, like so:
+#
+# bundle exec jekyll serve
+#
+# This will help ensure the proper Jekyll version is running.
+# Happy Jekylling!
+gem "jekyll", "~> 3.8.3"
+
+# This is the default theme for new Jekyll sites. You may change this to
anything you like.
+gem "minima", "~> 2.0"
+
+# If you want to use GitHub Pages, remove the "gem "jekyll"" above and
+# uncomment the line below. To upgrade, run `bundle update github-pages`.
+# gem "github-pages", group: :jekyll_plugins
+
+# If you have any plugins, put them here!
+group :jekyll_plugins do
+ gem "jekyll-feed", "~> 0.6"
+end
+
+# Windows does not include zoneinfo files, so bundle the tzinfo-data gem
+gem "tzinfo-data", platforms: [:mingw, :mswin, :x64_mingw, :jruby]
+
+# Performance-booster for watching directories on Windows
+gem "wdm", "~> 0.1.0" if Gem.win_platform?
+
diff --git a/_config.yml b/_config.yml
new file mode 100644
index 0000000..03ada76
--- /dev/null
+++ b/_config.yml
@@ -0,0 +1,44 @@
+# Welcome to Jekyll!
+#
+# This config file is meant for settings that affect your whole blog, values
+# which you are expected to set up once and rarely edit after that. If you find
+# yourself editing this file very often, consider using Jekyll's data files
+# feature for the data you need to update frequently.
+#
+# For technical reasons, this file is *NOT* reloaded automatically when you use
+# 'bundle exec jekyll serve'. If you change this file, please restart the
server process.
+
+# Site settings
+# These are used to personalize your new site. If you look in the HTML files,
+# you will see them accessed via {{ site.title }}, {{ site.email }}, and so on.
+# You can create any custom variable you would like, and they will be
accessible
+# in the templates via {{ site.myvariable }}.
+title: reclaim
+email: schanzen@aisec.fraunhofer.de
+description: >- # this means to ignore newlines until "baseurl:"
+ reclaim your identity!
+baseurl: "" # the subpath of your site, e.g. /blog
+url: "https://reclaim-identity.io" # the base hostname & protocol for your
site, e.g. http://example.com
+twitter_username: FraunhoferAISEC
+github_username: schanzen
+sass:
+ sass_dir: _sass
+include: ['_pages', 'index.html', 'impressum.html', 'privacy.html']
+kramdown:
+ input: GFM
+# Build settings
+#theme: minima
+plugins:
+ - jekyll-feed
+
+# Exclude from processing.
+# The following items will not be processed, by default. Create a custom list
+# to override the default setting.
+# exclude:
+# - Gemfile
+# - Gemfile.lock
+# - node_modules
+# - vendor/bundle/
+# - vendor/cache/
+# - vendor/gems/
+# - vendor/ruby/
diff --git a/_includes/footer.html b/_includes/footer.html
new file mode 100644
index 0000000..5a44856
--- /dev/null
+++ b/_includes/footer.html
@@ -0,0 +1,6 @@
+<footer>
+ <div class="separator"></div>
+ <p>(C) 2019 <a
href="https://www.aisec.fraunhofer.de/de/fields-of-expertise/projekte/reclaim.html">Fraunhofer
AISEC</a> |</p>
+ <p><a href="/impressum.html">Imprint</a> | </p>
+ <p><a href="/privacy.html">Privacy</a></p>
+</footer>
diff --git a/_includes/head.html b/_includes/head.html
new file mode 100644
index 0000000..aedb2eb
--- /dev/null
+++ b/_includes/head.html
@@ -0,0 +1,16 @@
+<head>
+ <meta charset="utf-8">
+ <meta http-equiv="x-ua-compatible" content="ie=edge">
+ <meta name="viewport" content="width=device-width, initial-scale=1">
+
+ <title>{% if page.title %}{{ page.title }}{% else %}{{ site.title }}{%
endif %}</title>
+
+ <link rel="stylesheet" href="{{ "/css/bootstrap.min.css" | prepend:
site.baseurl }}">
+ <link rel="stylesheet" href="{{ "/css/main.css" | prepend: site.baseurl }}">
+ <link rel="canonical" href="{{ page.url | replace:'index.html','' | prepend:
site.baseurl | prepend: site.url }}">
+ <link
href='https://fonts.googleapis.com/css?family=Open+Sans:400,300,700,800,600'
rel='stylesheet' type='text/css'>
+ <link href='https://fonts.googleapis.com/css?family=Muli:400,300'
rel='stylesheet' type='text/css'>
+ <link rel="stylesheet"
href="https://use.fontawesome.com/releases/v5.8.1/css/all.css"
integrity="sha384-50oBUHEmvpQ+1lW4y57PTFmhCaXp0ML5d60M1M7uH2+nqUivzIebhndOJK28anvf"
crossorigin="anonymous">
+
+
+</head>
diff --git a/_includes/header.html b/_includes/header.html
new file mode 100644
index 0000000..b38ba42
--- /dev/null
+++ b/_includes/header.html
@@ -0,0 +1,16 @@
+<header>
+ <div >
+ <a href="{{ site.baseurl }}"><img class="logo"
src="/assets/reclaim_logo.png"</img></a><br/>
+ <span style="font-size: 1em"> Self-sovereign, Decentralised Identity
Management and Personal Data Sharing</span>
+ </div>
+</header>
+<aside>
+ <div class="container">
+ <nav>
+ {% for page in site.pages %} {% if page.title %}
+ <a href="{{ page.url | prepend: site.baseurl
}}">{{ page.title }}</a>
+ {% endif %} {% endfor %}
+ </nav>
+ </div>
+</aside>
+
diff --git a/_layouts/default.html b/_layouts/default.html
new file mode 100644
index 0000000..4b2210d
--- /dev/null
+++ b/_layouts/default.html
@@ -0,0 +1,15 @@
+<!DOCTYPE html>
+<html>
+{% include head.html %}
+
+<body>
+ {% include header.html %}
+ <main>
+ <article>
+ {{ content }}
+ </article>
+ {% include footer.html %}
+ </main>
+</body>
+
+</html>
diff --git a/_layouts/page.html b/_layouts/page.html
new file mode 100644
index 0000000..4b2210d
--- /dev/null
+++ b/_layouts/page.html
@@ -0,0 +1,15 @@
+<!DOCTYPE html>
+<html>
+{% include head.html %}
+
+<body>
+ {% include header.html %}
+ <main>
+ <article>
+ {{ content }}
+ </article>
+ {% include footer.html %}
+ </main>
+</body>
+
+</html>
diff --git a/_layouts/post.html b/_layouts/post.html
new file mode 100644
index 0000000..07cbcd7
--- /dev/null
+++ b/_layouts/post.html
@@ -0,0 +1,8 @@
+---
+layout: default
+---
+
+<h2>{{ page.title }}</h2>
+<time>{{ page.date | date: "%b %-d, %Y" }}{% if page.author %} • {{
page.author }}{% endif %}{% if page.meta %} • {{ page.meta }}{% endif %}</time>
+
+{{ content }}
diff --git a/_pages/00_index.html b/_pages/00_index.html
new file mode 100644
index 0000000..98421ad
--- /dev/null
+++ b/_pages/00_index.html
@@ -0,0 +1,40 @@
+---
+layout: page
+title: re:claimID
+permalink: /
+---
+
+<h2 style="text-align:center">Reclaim your digital identity!</h2>
+<div class="mainpage card-columns p-2">
+ <div class="card m-2">
+ <div class="card-title">
+ <i class="fas fa-fist-raised"></i> Self-sovereign
+ </div>
+ <div class="card-body">
+ You manage your identities and attributes locally on your computer. No
need to trust a third party service with your data.<br/>
+ </div>
+ </div>
+
+ <div class="card m-2">
+ <div class="card-title">
+ <i class="fas fa-project-diagram"></i> Decentralized
+ </div>
+ <div class="card-body">
+ You can share your identity attributes securely over a decentralized
name system. This allows your friends to access your shared data without the
need of a trusted third party.<br/>
+ </div>
+ </div>
+
+ <div class="card m-2">
+ <div class="card-title">
+ <i class="fab fa-openid"></i> Standard-compliant
+ </div>
+ <div class="card-body">
+ You can use OpenID Connect to integrate reclaim in your web sites.<br/>
+ </div>
+ </div>
+</div>
+<div class="centering tryit">
+ Try it:<br/>
+ <a class="btn btn-primary" href="/for-users"><i class="fa fa-user"></i>
<span class="lbl">For users</span></a>
+ <a class="btn btn-primary" href="/for-websites"><i class="fa fa-globe"></i>
<span class="lbl">For websites</span></a>
+</div>
diff --git a/_pages/01_technology.html b/_pages/01_technology.html
new file mode 100644
index 0000000..b85bcc1
--- /dev/null
+++ b/_pages/01_technology.html
@@ -0,0 +1,91 @@
+---
+layout: page
+title: Technology
+permalink: /tech/
+---
+<h2 style="text-align:center">Overview</h2>
+<div style="text-align:center">
+ <img style="width:35%" src="../assets/reclaim_eq.png"/>
+</div>
+<br/>
+<div class="overview card-columns p-2 mt-4">
+ <div class="card m-2">
+ <div class="card-title">
+ Decentralised identity directory
+ </div>
+ <div class="card-body">
+ The decentralised <i>GNU Name System (GNS)</i> gives users full and
exclusive authority over their attributes by sharing them over user-owned
namespaces.
+ </div>
+ </div>
+ <div class="card m-2">
+ <div class="card-title">
+ Cryptographic access control
+ </div>
+ <div class="card-body">
+Users regularly publish fresh, up-to-date attributes which can be retrieved and
+read only by authorized relying parties parties without direct user
interaction -- even if the user is offline!
+ </div>
+ </div>
+
+</div>
+<h2 style="text-align:center" class="mt-5">Principles</h2>
+<div class="card-columns p-2 mt-4 tech">
+ <div class="card m-2">
+ <div class="card-title">
+ Identity and attribute management
+ </div>
+ <div class="card-subtitle">
+ <img style="width:100%" src="../assets/Reclaim-2.png"/>
+ </div>
+ <div class="card-body">
+ Users regularly publish fresh, up-to-date attributes which can be
retrieved by requesting parties without direct user interaction -- even if the
user is offline!
+ Access to attributes is controlled through an ecryption based access
+ control layer.
+ </div>
+ </div>
+ <div class="card m-2">
+ <div class="card-title">
+ Authorization
+ </div>
+ <div class="card-subtitle">
+ <img style="width:100%" src="../assets/Reclaim-3.png"/>
+ </div>
+ <div class="card-body">
+ To access attributes, requesting parties request authorization from the
+ user thrugh the use of OpenID Connect.
+ If access is granted, the relying party is given the necessary decryption
+ key material.
+ The user may at any time revoke this access or modify the authorization
decision.
+ </div>
+ </div>
+
+<!-- <div class="card m-2">
+ <div class="card-avatar card-img-top">
+ <div class="card-avatar-character">
+
+
+ Attribute Sharing
+ </div>
+ </div>
+ <div class="card-body">
+ Users selectively share personal data with requesting parties by issuing
ABE keys to requesting parties. The keys are generated to match the access
policies of the shared attributes:
+
+ <img style="width:80%" src="../assets/Reclaim-2.png"/>
+ </div>
+</div>-->
+
+ <div class="card m-2">
+ <div class="card-title">
+ Attribute retrieval
+ </div>
+ <div class="card-subtitle">
+ <img style="width:100%" src="../assets/Reclaim-4.png"/>
+ </div>
+ <div class="card-body">
+ Relying parties retrieve encrypted identity data from the decentralised
+ directory.
+ It is able to decrypt all those attributes that the user has authorized
+ it to access using the respective key.
+ </div>
+ </div>
+</div>
diff --git a/_pages/02_users.html b/_pages/02_users.html
new file mode 100644
index 0000000..6b46107
--- /dev/null
+++ b/_pages/02_users.html
@@ -0,0 +1,73 @@
+---
+layout: page
+title: For users
+permalink: /for-users/
+---
+<div class="alert alert-warning"><b>NOTE</b>: This software is still in
development and has not reached a high level of maturity, yet. You are welcome
to try it and it would be of great help to us if you <a
href="https://gitlab.com/groups/reclaimid/-/issues">report any issues you
find.</a></div>
+
+<h2><b>Step 1:</b> Installation</h2>
+<b>re:</b>claimID is implemented as part of <a
href="https://gnunet.org">GNUnet</a> (starting from version
<b>>=0.11.5</b>).
+<!-- Packages exist for a variety of Linux distributions as well as <a
href="https://formulae.brew.sh/formula/gnunet#default">Homebrew for macOS</a>.
+Please refer to the respective package manager documentation on how to install
it. We provide some common examples below.<br/>-->
+<p>Currently, we recommend the use of our
+<a href="https://gitlab.com/reclaimid/gnunet-docker">GNUnet docker image</a>
due to the lack of packages:</p>
+
+<!--<h5 class="mt-2"><b><i class="fab fa-linux"></i> Linux:</b></h5>
+<p class="code">$ apt install gnunet<br/>$ gnunet-arm -s</p>
+
+<h5 class="mt-2"><b><i class="fab fa-apple"></i> macOS:</b></h5>
+<p class="code">$ brew install gnunet<br/>$ gnunet-arm -s</p>
+
+
+<h5 class="mt-2"><b>From source</b> <small>(please see the <a
href="https://gnunet.org/en/tutorial.html">GNUnet installation
tutorials</a>)</small>:</h5>
+<p class="code">
+$ ./configure && make && make install<br/>$ gnunet-arm -s
+</p>
+<h4 class="mt-4"><b>Alternative: Use a docker container</b></h4>-->
+<p class="code">$ docker run -v
$HOME/.local/share/gnunet:/root/.local/share/gnunet -p 7776:7776 -td
reclaimid/gnunet-docker</p>
+
+<h2 class="mt-5"><b>Step 2:</b> Browser plugin</h2>
+<div class="alert alert-info"><b>NOTE</b>: The Chrome browser plugin is not
yet published in the Chrome Web Store.</div>
+
+<p>You also need to install a browser plugin:</p>
+<div class="centering">
+<a class="btn btn-primary" target="_blank" rel="noopener noreferrer"
+
href="https://addons.mozilla.org/addon/reclaimid/"><i class="fab
fa-firefox"></i> Mozilla Firefox</a>
+<a class="btn btn-primary" target="_blank" rel="noopener noreferrer"
+
href="../assets/files/reclaim-plugin-0.1.0.zip"><i class="fab fa-chrome"></i>
Chrome / Chromium</a>
+</div>
+<br/>
+<h2 class="mt-5"><b>Step 3:</b> Creating your first identity</h2>
+<p>Almost there. Now try adding a new identity at <a
href="https://ui.reclaim">your local re:claimID instance</a> and add some
attributes to it.
+<br/>
+
+<h2 class="mt-5">Websites supporting re:claimID</h2>
+<p>To test a login with one of your re:claimID identities, you can go to one
of the websites supporting it:</p>
+<ul>
+ <li><a href="https://demo.reclaim-identity.io">Our demo messaging board</a>
(<a href="https://gitlab.com/reclaimid/demo">Source</a>)</li>
+ <li><a href="https://eusec.clouditor.io">Clouditor EUSEC project
page</a></li>
+</ul>
+
+
+<h2 class="mt-5">Troubleshooting</h2>
+In case you encounter any problems, please check for <a
href="https://gitlab.com/groups/reclaimid/-/issues">known issues and report
bugs to help us improve re:claimID!</a>
+
+<!--<h2 class="mb-5 mt-5" style="text-align:center">Websites</h2>
+
+Create an identity for your website:
+<p class="code">$ gnunet-identity -C $name$</p>
+You can freely choose $name$.
+
+Make your website available via GNS:
+<p class="code">$ gnunet-namestore -z $name$ -a -n $site$ -t A -V $IP -e 1d
-p</p>
+$IP is the IP address of your website.
+
+Store the DNS name of your website in GNS.
+<p class="code">$ gnunet-namestore -z $name$ -a -n $site$ -t LEHO -V $dns -e
1d -p</p>
+$dns$ is the DNS name, e.g. reclaim-identity.io.
+
+Get a TLS certificate in DER format and store the value:
+<p class="code">$ HEXCERT=`xxd -p /etc/reclaim/example.der | tr -d '\n'`</p>
+
+Store the TLS certificate as TLSA record:
+<p class="code">$ gnunet-namestore -z $name -a -n $site$ -t BOX -V "6 443 52 3
0 0 $HEXCERT" -e 1d -p</p>-->
diff --git a/_pages/03_forwebsites.html b/_pages/03_forwebsites.html
new file mode 100644
index 0000000..e726b63
--- /dev/null
+++ b/_pages/03_forwebsites.html
@@ -0,0 +1,64 @@
+---
+layout: page
+title: For websites
+permalink: /for-websites/
+---
+<div class="alert alert-warning"><b>NOTE</b>: This software is still in
development and has not reached a high level of maturity, yet. You are welcome
to try it and it would be of great help to us if you <a
href="https://gitlab.com/groups/reclaimid/-/issues">report any issues you
find.</a></div>
+
+<h2><b>Step 1:</b> Installation</h2>
+<b>re:</b>claimID is implemented as part of <a
href="https://gnunet.org">GNUnet</a> (starting from version
<b>>=0.11.5</b>).
+<!--Packages exist for a variety of Linux distributions as well as <a
href="https://formulae.brew.sh/formula/gnunet#default">Homebrew for macOS</a>.
+ Please refer to the respective package manager documentation on how to
install it. We provide some common examples below.<br/>-->
+<p>Currently, we recommend the use of our
+<a href="https://gitlab.com/reclaimid/gnunet-docker">GNUnet docker image</a>
due to the lack of packages:</p>
+
+
+<!--<h5 class="mt-2"><b><i class="fab fa-linux"></i> Linux:</b></h5>
+<p class="code">$ apt install gnunet<br/>$ gnunet-arm -s</p>
+
+<h5 class="mt-2"><b><i class="fab fa-apple"></i> macOS:</b></h5>
+<p class="code">$ brew install gnunet<br/>$ gnunet-arm -s</p>
+
+
+<h5 class="mt-2"><b>From source</b> <small>(please see the <a
href="https://gnunet.org/en/tutorial.html">GNUnet installation
tutorials</a>)</small>:</h5>
+<p class="code">
+$ ./configure && make && make install<br/>$ gnunet-arm -s
+</p>
+<h4 class="mt-4"><b>Alternative: Use a docker container</b></h4>-->
+<p class="code">$ docker run -v
$HOME/.local/share/gnunet:/root/.local/share/gnunet -p 7776:7776 -td
reclaimid/gnunet-docker</p>
+
+
+
+
+<h2 class="mt-5"><b>Step 2:</b> Registering an OpenID Connect client</h2>
+<p>The easiest way to manage OpenID Connect client is through our CLI tool:</p>
+<p class="code">$ gem install reclaim-oidc</p>
+<p>To register an OpenID Connect client, execute:</p>
+<p class="code">$ reclaim-oidc --add --client-name myclient --redirect-uri
https://mywebsite.com/oidc_cb --description "My Client"</p>
+<p>You can list all registered clients and your local OpenID Connect metadata
required to initiate an authorization code flow by executing:</p>
+<p class="code">$ reclaim-oidc --list </p>
+<p>The response will look like this</p>
+<p class="code">OpenID Connect Provider Information:<br/>
+------------------------------------<br/>
+Authorize Endpoint: http://localhost:7776/openid/authorize<br/>
+Token Endpoint: http://localhost:7776/openid/token<br/>
+JSON-Web-Token Algorithm: HS512<br/>
+JSON-Web-Token key: secret<br/>
+Example Authorization Redirect:<br/>
+https://api.reclaim/openid/authorize?client_id=<client_id>&redirect_uri=<redirect_uri>&response_type=code&scope=email%20full_name&nonce=1234<br/>
+<br/>
+Registered Clients:<br/>
+-------------------<br/>
+name: myclient<br/>
+client_id: <client_id><br/>
+client_secret: <client_secret><br/>
+description: My Client<br/>
+redirect_uri: https://mywebsite.com/oidc_cb<br/>
+...
+</p>
+<div class="alert alert-info"><b>NOTE</b>: The client secrets and JWT token
signing keys can be configured. However, due to the fact that re:claimID
endpoint are running on your local machine, they are not critical.</div>
+
+<h2 class="mt-5"><b>Step 3:</b> Website integration</h2>
+<p>You can use the information above to integrate re:claimID as a generic <a
href="https://openid.net/specs/openid-connect-core-1_0.html">OpenID Connect
Identity Provider</a> into the web application of your choice. The integration
steps for this part depend on the application you use. Hence, please refer to
your respective documentation or the OpenID Connect specifications.
+</p>
+<p>The sources of our <a href="https://demo.reclaim-identity.io">demo
website</a> can be found in our <a
href="https://gitlab.com/reclaimid/demo">gitlab project</a>.</p>
diff --git a/_pages/04_motivation.html b/_pages/04_motivation.html
new file mode 100644
index 0000000..92575c3
--- /dev/null
+++ b/_pages/04_motivation.html
@@ -0,0 +1,33 @@
+---
+layout: page
+title: Motivation
+permalink: /motivation/
+---
+
+<h2 style="text-align:center">Motivation</h2>
+<div>
+<p>
+Today, users are often required to share personal data, like email addresses,
to use services on the web. As part of normal service operation, such as
notifications or billing, services require access to -- ideally fresh and
correct -- user data.
+Sharing attributes in the Web today is often done via centralized service
providers to reduce data redundancy and to give services access to current,
up-to-date information even if the user is currently offline.
+Abuse of this power is theoretically limited by local laws and regulations.
+But, the past has shown that even well-meaning identity providers struggle to
keep user data safe as they become major targets for hackers and nation state
actors while striving for monetizing anonymized statistics from these data.
+We advocate for a new, decentralized way for users to manage their identities
for the following reasons:
+</p>
+<ul class="fa-ul">
+ <li><i class="fa-li fas fa-caret-right"></i> The current state of omniscient
identity providers is a significant threat to the users' privacy.</li>
+ <li><i class="fa-li fas fa-caret-right"></i> Users must completely trust the
service provider with respect to protecting the integrity and confidentiality
of their identity in their interest.</li>
+ <li><i class="fa-li fas fa-caret-right"></i> The service provider itself is
facing substantial liability risks given the responsibility of securely
managing potentially sensitive personal data of millions of users.</li>
+</ul>
+
+<p>re:claimID is built as a service on top of the peer-to-peer framework <a
href="https://gnunet.org">GNUnet</a>.<br/>
+It emerged from research conducted by the research group "Secure
+Applications and Services" at the <a
href="https://www.aisec.fraunhofer.de/de/fields-of-expertise/projekte/reclaim.html">Fraunhofer
AISEC</a> research institute.<br/>
+A scientific, peer-reviewed paper on the theoretical foundations of re:claimID
+was published at <a
href="https://ieeexplore.ieee.org/document/8456003">TrustCom 2018</a>
+(<a href="https://arxiv.org/abs/1805.06253v1">Arxiv</a>).<br/> re:claimID is
+primarily developed in the
+<a href="https://git.gnunet.org/gnunet.git/tree/src/reclaim">GNUnet source
tree</a>.
+Accompanying tools and sources can be found in the
+<a href="https://gitlab.com/reclaimid">Gitlab project</a>.
+</p>
+</div>
diff --git a/_pages/05_faq.html b/_pages/05_faq.html
new file mode 100644
index 0000000..5cd31ee
--- /dev/null
+++ b/_pages/05_faq.html
@@ -0,0 +1,25 @@
+---
+layout: page
+title: FAQ
+permalink: /faq/
+---
+
+<h2 style="text-align:center">Frequently Asked Questions</h2>
+<div>
+<ul class="fa-ul">
+ <li class="mt-4"><i class="fa-li fas fa-question-circle"></i> <b>How is
re:claimID different from</b> <i><insert other identity provider service
here> ?</i></li>
+ <li><i class="fa-li fas fa-comment"></i> Unlike most other identity provider
services, re:claimID is not operated by a single service provider or even a
federated consortium of service providers. Instead, it is a fully decentralised
service operated implicitly by its users. Consequently, large-scale data
monetisation, mass-surveillance and other (ab)use of personal data is
inherently mitigated.</li>
+ <li class="mt-4"><i class="fa-li fas fa-question-circle"></i> <b>How much
does re:claimID cost?</b></li>
+ <li><i class="fa-li fas fa-comment"></i> re:claimID is Free Software. We
argue that in order for an identity system to be a credible solution for
self-sovereign citizens to exercise their right to digital self determination,
open and free software as well as services are indispensible.</li>
+ <li class="mt-4"><i class="fa-li fas fa-question-circle"></i> <b>How does
re:claimID work?</b></li>
+ <li><i class="fa-li fas fa-comment"></i> re:claimID uses the GNU Name System
as identity and attribute directory service. In order to allow the user to
enforce access control decisions, we use a cryptographic access control layer.
However, the user is not required to manage any cryptographic keys or manage
zones in a namespace. This is done under the hood by re:claimID.</li>
+ <li class="mt-4"><i class="fa-li fas fa-question-circle"></i> <b>How does a
website know the attribute data share via re:claimID is correct?</b></li>
+ <li><i class="fa-li fas fa-comment"></i> Short answer: It doesn't.
+ Long answer: Identities are initially self-asserted by the user.
re:claimID could, however, also be used to share third party attested
attributes (e.g. X.509 certificates). Further, we are working on integrating <a
href="https://github.com/kiliant/zklaim">privacy credentials</a> for this use
case.</li>
+ <li class="mt-4"><i class="fa-li fas fa-question-circle"></i> <b>Who is
behind re:claimID?</b></li>
+ <li><i class="fa-li fas fa-comment"></i> re:claimID is developed primarily
by <a href="https://aisec.fraunhofer.de">Fraunhofer AISEC</a>.</li>
+ <li class="mt-4"><i class="fa-li fas fa-question-circle"></i> <b>I found a
bug!</b></li>
+ <li><i class="fa-li fas fa-comment"></i> We aim to continuously develop and
improve re:claimID. Help us by <a
href="https://gitlab.com/groups/reclaimid/-/issues">reporting any issues you
encounter</a>.</li>
+</ul>
+
+</div>
diff --git a/_posts/2018-07-20-welcome-to-jekyll.markdown
b/_posts/2018-07-20-welcome-to-jekyll.markdown
new file mode 100644
index 0000000..d599b3e
--- /dev/null
+++ b/_posts/2018-07-20-welcome-to-jekyll.markdown
@@ -0,0 +1,25 @@
+---
+layout: post
+title: "Welcome to Jekyll!"
+date: 2018-07-20 21:48:15 +0200
+categories: jekyll update
+---
+You’ll find this post in your `_posts` directory. Go ahead and edit it and
re-build the site to see your changes. You can rebuild the site in many
different ways, but the most common way is to run `jekyll serve`, which
launches a web server and auto-regenerates your site when a file is updated.
+
+To add new posts, simply add a file in the `_posts` directory that follows the
convention `YYYY-MM-DD-name-of-post.ext` and includes the necessary front
matter. Take a look at the source for this post to get an idea about how it
works.
+
+Jekyll also offers powerful support for code snippets:
+
+{% highlight ruby %}
+def print_hi(name)
+ puts "Hi, #{name}"
+end
+print_hi('Tom')
+#=> prints 'Hi, Tom' to STDOUT.
+{% endhighlight %}
+
+Check out the [Jekyll docs][jekyll-docs] for more info on how to get the most
out of Jekyll. File all bugs/feature requests at [Jekyll’s GitHub
repo][jekyll-gh]. If you have questions, you can ask them on [Jekyll
Talk][jekyll-talk].
+
+[jekyll-docs]: https://jekyllrb.com/docs/home
+[jekyll-gh]: https://github.com/jekyll/jekyll
+[jekyll-talk]: https://talk.jekyllrb.com/
diff --git a/_sass/_base.scss b/_sass/_base.scss
new file mode 100644
index 0000000..1fc85a0
--- /dev/null
+++ b/_sass/_base.scss
@@ -0,0 +1,19 @@
+$content-width: 90%;
+$main: #19CCAA;
+$font-style: 'Open Sans', sans-serif;
+$font-color: #262626;
+$link-color: #1f82c0;
+$link-hover-color: #1f82c0;
+$heading-font: 'Open Sans', sans-serif;
+$heading-font-color: #555;
+//$heading-font-color: rgba(23,156,125,1);
+$light: #E7EDF4;
+$header: #FFFFFF;
+
+*,
+*::before,
+*::after {
+ -webkit-box-sizing: border-box;
+ -moz-box-sizing: border-box;
+ box-sizing: border-box;
+}
diff --git a/_sass/_layout.scss b/_sass/_layout.scss
new file mode 100644
index 0000000..9bc13db
--- /dev/null
+++ b/_sass/_layout.scss
@@ -0,0 +1,278 @@
+
+body {
+ margin: 0;
+ color: $font-color;
+ font-family: $font-style;
+ font-size: 1.1em;
+ line-height: 1.6;
+ -webkit-font-smoothing: antialiased;
+ background-color: #fff !important;
+}
+h1,
+h2,
+h3 {
+ font-weight: 400;
+ // color: $heading-font-color;
+ font-family: $heading-font;
+ line-height: 1.5;
+ //border-top: 1px solid #111;
+ border-bottom: 1px solid #eee;
+}
+
+.fhggreen {
+ color: $heading-font-color;
+}
+
+h1 {
+ color: $main;
+ font-size: 2.5em;
+ a,
+ a:visited {
+ text-decoration: none;
+ color: $main;
+ }
+}
+h2 {
+ font-size: 2em;
+}
+header {
+ background: $header;
+ text-align: center;
+ display: flex;
+ justify-content: center;
+ align-items: center;
+ height: 6em;
+}
+img.logo {
+ height: 3em;
+}
+
+.card img {
+ margin-top: 1em;
+}
+
+div.figure {
+ text-align:center;
+ width: 100%;
+ margin: 2em;
+}
+
+main {
+ padding: 0 15px;
+ padding-top: 2em;
+ max-width: $content-width;
+ margin: 0 auto;
+}
+time {
+ color: #898989;
+}
+.container {
+ max-width: $content-width;
+ margin: 0 auto;
+}
+
+.btn {
+ box-shadow: 0px 1px 2px -1px rgba(0, 0, 0, 0.5);
+}
+
+.tech .card {
+ //min-height: 35em;
+}
+
+.card-title {
+ //color: $heading-font-color;
+ text-align: center;
+ margin-bottom: 0;
+ //color: #eee;
+ //background-color: #555;
+ //background-color: $heading-font-color;
+ //border-bottom: 1px solid #888;
+ //min-height: 50px;
+}
+
+.card-subtitle {
+ color: #333;
+ margin: .5em;
+}
+
+@media (min-width: 576px) {
+ .card-columns {
+ column-count: 1;
+ }
+}
+
+@media (min-width: 768px) {
+ .card-columns {
+ column-count: 1;
+ }
+}
+
+@media (min-width: 992px) {
+ .card-columns {
+ column-count: 1;
+ }
+}
+
+@media (min-width: 1200px) {
+ .card-columns {
+ column-count: 3;
+ }
+ .overview.card-columns {
+ column-count: 2;
+ }
+}
+
+.btn-primary {
+ background-color: #fff;
+ color: #555;
+ border-radius: 20px;
+ font-size: 1em;
+ //box-shadow: 0px 0px 3px 0px #eee;
+ border: 1px solid #ddd;
+ //min-width: 10em;
+}
+
+.btn-primary:hover {
+ background-color: #555;
+ color: #eee;
+ border-color: #555;
+}
+
+.card-title {
+ font-size: 1.5em;
+}
+
+.card-columns {
+ animation-duration: 3s;
+ animation-name: fadein;
+}
+
+@keyframes fadein {
+ from {
+ opacity: 10%;
+ }
+
+ to {
+ opacity: 100%;
+ }
+}
+
+.card.selected {
+ box-shadow: 0px 1px 2px -1px rgba(0, 0, 0, 0.5);
+ //border-color: #343a40;
+}
+
+.card tr.openid.text-dimmed {
+ color: #eee;
+}
+
+.card tr td.name {
+ font-weight: bold;
+}
+
+.card tr td.value {
+ font-style: italic;
+}
+
+div.card {
+ box-shadow: 0px 1px 2px -1px rgba(0, 0, 0, 0.5);
+ //box-shadow: 0px 0px 2px 0px #eee;
+ border: 1px solid #ddd;
+ border-radius: 1em;
+ //height: 18em;
+}
+
+div.alert {
+ border-radius: 0;
+}
+
+div.separator {
+ height: 1px;
+ background-color: #eee;
+ margin-top: 2em;
+ margin-bottom: 2em;
+}
+
+/* Aside */
+
+aside {
+ background: #fff;
+ width: 100%;
+ z-index: 2;
+ border-bottom: 1px solid lighten($light, 30%);
+ box-shadow: 0px 1px 1px RGBA(4, 25, 54, .1);
+ nav {
+ //float: left;
+ text-align: center;
+ max-width: 800px;
+ margin: 0 auto;
+ a {
+ text-decoration: none;
+ display: inline-block;
+ padding: 15px;
+ //font-family: 'Muli', sans-serif;
+ line-height: 20px;
+ margin-bottom: -1px;
+ box-shadow: 0;
+ &:hover,
+ &:active {
+ background: $header;
+ text-decoration: none;
+ color: #1f82c0;
+ }
+ }
+ &:after {
+ content: '';
+ display: table;
+ clear: both;
+ }
+ }
+}
+
+aside {
+ background-color: #555;
+}
+
+aside .container nav a {
+ color: #eee;
+}
+
+aside .container nav a:hover {
+ color: $heading-font-color;
+}
+
+.centering {
+ text-align: center;
+}
+
+footer {
+ text-align: center;
+ padding: 40px;
+}
+
+footer p {
+ display: inline-block;
+}
+
+.tryit a {
+ width: 8em;
+ border-radius: 10em;
+ font-size: 2em;
+}
+
+p.code {
+ background-color: #555;
+ color: #fff;
+ padding-left: 1em;
+ padding-top: 0.5em;
+ padding-bottom: 0.5em;
+ border: 1px solid #ccc;
+ border-radius: 5px;
+ box-shadow: 1px 1px 4px 0px #111 inset;
+ margin-left: 10%;
+ margin-right: 10%;
+}
+
+.mainpage .card {
+ /*height: 23em;*/
+}
diff --git a/assets/Reclaim-2.png b/assets/Reclaim-2.png
new file mode 100644
index 0000000..8a404c6
Binary files /dev/null and b/assets/Reclaim-2.png differ
diff --git a/assets/Reclaim-3.png b/assets/Reclaim-3.png
new file mode 100644
index 0000000..bee5324
Binary files /dev/null and b/assets/Reclaim-3.png differ
diff --git a/assets/Reclaim-4.png b/assets/Reclaim-4.png
new file mode 100644
index 0000000..5de5181
Binary files /dev/null and b/assets/Reclaim-4.png differ
diff --git a/assets/Reclaim-5.png b/assets/Reclaim-5.png
new file mode 100644
index 0000000..b36644e
Binary files /dev/null and b/assets/Reclaim-5.png differ
diff --git a/assets/Reclaim-6.png b/assets/Reclaim-6.png
new file mode 100644
index 0000000..558f3dc
Binary files /dev/null and b/assets/Reclaim-6.png differ
diff --git a/assets/gnunet.png b/assets/gnunet.png
new file mode 100644
index 0000000..0b1a2b1
Binary files /dev/null and b/assets/gnunet.png differ
diff --git a/assets/proxy_setup.png b/assets/proxy_setup.png
new file mode 100644
index 0000000..9e67c1a
Binary files /dev/null and b/assets/proxy_setup.png differ
diff --git a/assets/reclaim.png b/assets/reclaim.png
new file mode 100644
index 0000000..558f3dc
Binary files /dev/null and b/assets/reclaim.png differ
diff --git a/assets/reclaim_eq.png b/assets/reclaim_eq.png
new file mode 100644
index 0000000..26e1298
Binary files /dev/null and b/assets/reclaim_eq.png differ
diff --git a/assets/reclaim_icon.png b/assets/reclaim_icon.png
new file mode 100644
index 0000000..4e23a1d
Binary files /dev/null and b/assets/reclaim_icon.png differ
diff --git a/assets/reclaim_logo.png b/assets/reclaim_logo.png
new file mode 100644
index 0000000..b955553
Binary files /dev/null and b/assets/reclaim_logo.png differ
diff --git a/assets/reclaim_oidc.png b/assets/reclaim_oidc.png
new file mode 100644
index 0000000..802a9f2
Binary files /dev/null and b/assets/reclaim_oidc.png differ
diff --git a/assets/strength.png b/assets/strength.png
new file mode 100644
index 0000000..2baf603
Binary files /dev/null and b/assets/strength.png differ
diff --git a/css/bootstrap.min.css b/css/bootstrap.min.css
new file mode 100644
index 0000000..9746051
--- /dev/null
+++ b/css/bootstrap.min.css
@@ -0,0 +1,7 @@
+/*!
+ * Bootstrap v4.1.2 (https://getbootstrap.com/)
+ * Copyright 2011-2018 The Bootstrap Authors
+ * Copyright 2011-2018 Twitter, Inc.
+ * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE)
+
*/:root{--blue:#007bff;--indigo:#6610f2;--purple:#6f42c1;--pink:#e83e8c;--red:#dc3545;--orange:#fd7e14;--yellow:#ffc107;--green:#28a745;--teal:#20c997;--cyan:#17a2b8;--white:#fff;--gray:#6c757d;--gray-dark:#343a40;--primary:#007bff;--secondary:#6c757d;--success:#28a745;--info:#17a2b8;--warning:#ffc107;--danger:#dc3545;--light:#f8f9fa;--dark:#343a40;--breakpoint-xs:0;--breakpoint-sm:576px;--breakpoint-md:768px;--breakpoint-lg:992px;--breakpoint-xl:1200px;--font-family-sans-serif:-apple-s
[...]
+/*# sourceMappingURL=bootstrap.min.css.map */
\ No newline at end of file
diff --git a/css/main.scss b/css/main.scss
new file mode 100644
index 0000000..67498ec
--- /dev/null
+++ b/css/main.scss
@@ -0,0 +1,6 @@
+---
+# Front matter comment to ensure Jekyll properly reads file.
+---
+@import
+ "base",
+ "layout"
diff --git a/impressum.html b/impressum.html
new file mode 100644
index 0000000..b633d24
--- /dev/null
+++ b/impressum.html
@@ -0,0 +1,22 @@
+---
+layout: default
+permalink: /impressum
+---
+<div>
+<h2 style="text-align: center">Imprint</h2>
+<p>The</p>
+<p>Fraunhofer-Institut für Angewandte und Integrierte Sicherheit (AISEC)</p>
+<p>Lichtenbergstraße 11</p>
+<p>85748 Garching</p>
+<p>Phone +49 89 322 99 86-0</p>
+<br/>
+<p>is a constituent entity of the</p>
+<br/>
+<p>Fraunhofer-Gesellschaft</p>
+<p>zur Förderung der angewandten Forschung e.V.</p>
+<p>Hansastraße 27 c</p>
+<p>80686 München</p>
+<p>Internet: <a href="http://www.fraunhofer.de"/>www.fraunhofer.de</a></p>
+<p>E-Mail: info(at)zv.fraunhofer.de<p>
+<p>and as such has no separate legal status.</p>
+</div>
diff --git a/privacy.html b/privacy.html
new file mode 100644
index 0000000..8d97619
--- /dev/null
+++ b/privacy.html
@@ -0,0 +1,142 @@
+---
+layout: page
+permalink: /privacy
+---
+<h2 style="text-align: center">Data Protection</h2>
+
+<p>When using this website, your personal data will be processed by us as the
data controller and stored for as long as is necessary for the fulfilment of
the purposes specified and statutory requirements. Below, we will provide
information about which data this involves, how it will be processed and to
which rights you are entitled to in this regard.</p>
+<p>Personal data, as defined by Article 4(1) General Data Protection
Regulation (GDPR) includes any information relating to an identified or
identifiable natural person.<br> </p>
+<h4><a name="_Toc343784611"></a>1. Name and contact data of the data
controller and of the corporate Data Protection Officer</h4>
+<p>This data protection information is applicable to data processing on the <a
href="https://www.fraunhofer.de/en.html" target="_blank" class="
external">www.fraunhofer.de</a> website by the controller:<br> <br>
Fraunhofer-Gesellschaft<br> zur Förderung der angewandten Forschung e.V.<br>
Hansastraße 27 c<br> 80686 Munich, Germany<br> <br> (hereinafter referred to as
“Fraunhofer”)<br> <br> E-Mail: info@zv.fraunhofer.de<br> Telephone: +49 89
1205-0<br> Fax: +49 89 1205-7531</p>
+<p><br> The Data Protection Officer at Fraunhofer may be reached at the
above-mentioned address, attention of Data Protection Officer or at <a
href="mailto:datenschutz@zv.fraunhofer.de" target="_blank" class="
external">datenschutz@zv.fraunhofer.de</a>.</p>
+<p>In case you have any questions about data protection law or your rights as
the data subject, you may directly contact our Data Protection Officer.<br>
</p>
+<h4><a name="_Toc343784612"></a>2. Processing personal data and purposes of
processing<br> </h4>
+<p><b>a) When visiting the website</b></p>
+<p>You may access the website <a href="https://www.fraunhofer.de/en.html"
target="_blank" class=" external">www.fraunhofer.de</a>without having to
disclose any details of your identity. What the browser on your terminal device
does automatically is only to send information to the server of our website
(e.g. browser type and version, date and time of access) so as to allow a
connection with the website. This also includes the IP address of your
requesting terminal device. It is temporaril [...]
+<p>The IP address is processed for technical and administrative purposes
regarding connection set-up and stability, to guarantee the security and
functioning of our website and to be able to track any illegal attacks on the
website, if required.</p>
+<p>The legal basis for processing the IP address is the first sentence of
point (f) of Article 6(1) GDPR. Our legitimate interest ensues from said
security interest and the necessity of the unobstructed availability of our
website.</p>
+<p>We cannot draw any direct conclusions about your identity from processing
the IP address and other information in the log file. Moreover, we use cookies
and analytics services when you visit our website. For more information on
this, please refer to clauses 4 and 5 of this Data Protection Information.</p>
+<p><b>b) When registering for events</b></p>
+<p>We offer a variety of events through our website on a regular basis, for
which you may register online. When registering for an event, you need to enter
the following mandatory data. These include:</p>
+<ul>
+ <li><span class="bulletpointlist">First name and surname</span></li>
+ <li><span class="bulletpointlist">Address </span></li>
+ <li><span class="bulletpointlist">Email address</span></li>
+</ul>
+<p>Any other mandatory data are marked as such (e.g. with *). Besides, other
data may often be entered voluntarily.</p>
+<p>The mandatory data are processed in order to identify the interested
persons as participants of the event, to perform the participation contract,
and to provide the participants with information pertaining to the event
before, during and after the event. The voluntary data allows us to plan and
execute the event based on interest and age criteria.</p>
+<p>Data processing takes place at the request of the interested participants
and is necessary pursuant to the first sentence of point (b) of Article 6 (1)
GDPR for the purposes mentioned for the performance of the participation
contract and in order to take steps prior to entering into it.</p>
+<p>For the registration of our events through our web forms, we work in
collaboration with the service provider Mailingwork GmbH, Birkenweg 7, 09569
Oederan (“Mailingwork”). The purpose of the collaboration is to professionally
manage online registrations. For this purpose, the entered data is stored on
the servers of Mailingwork in Germany.</p>
+<p>We have concluded an order processing agreement with Mailingwork. By this
agreement, Mailingwork assures that it will process the data on our account in
accordance with the General Data Protection Regulation and guarantees the
protection of rights of the data subjects.</p>
+<p><b>c) When using the ordering service</b></p>
+<p>We offer an ordering service on our website that allows you to order annual
reports or the Fraunhofer magazine free of cost as a single copy or as a
subscription. To order these, we collect the following mandatory data</p>
+<ul>
+ <li><span class="bulletpointlist">Title</span></li>
+ <li><span class="bulletpointlist">First name, surname</span></li>
+ <li><span class="bulletpointlist">Address</span></li>
+ <li><span class="bulletpointlist">Country</span></li>
+</ul>
+<p>You may also voluntarily provide additional data (e.g. title, company,
department) and provide specifics for your order.</p>
+<p>The collection and further processing of this data takes place in order</p>
+<ul>
+ <li><span class="bulletpointlist">to be able to identify you as our
contractual partner</span></li>
+ <li><span class="bulletpointlist">to check the entered data for
plausibility</span></li>
+ <li><span class="bulletpointlist">to process your order.</span></li>
+</ul>
+<p>Data processing takes place at your request and is necessary pursuant to
the first sentence of point (b) of Article 6(1) GDPR for the purposes mentioned
for the fulfilment of your order and to take steps prior to entering into the
contract.</p>
+<p>We work in collaboration with a service provider, lettershop-berlin.de, for
processing your order. We manually submit your data to it for your goods to be
dispatched. After completion of the order, the service provider will
automatically delete the data.</p>
+<p>The personal data we collect for the order is stored with us for as long as
is necessary for the performance of the contract. If you have ordered a
subscription, we will store your data until the termination of the
subscription. In case of one-time orders, we will delete your personal data
after completion of the delivery.</p>
+<p><b>d) When subscribing to a newsletter</b></p>
+<p>On various occasions, we offer on our website the option to register for a
newsletter or press distribution list. If you have expressly given your consent
pursuant to the first sentence of point (a) of Article 6(1) GDPR, we will use
your email address to regularly send you information corresponding to your
selection. To receive the information, an email address and the desired
language version is sufficient.</p>
+<p>You may provide additional personal data voluntarily (e.g. name, address
and telephone number). We use this data to contact you by telephone or post
(e.g. for press invitations).</p>
+<p>You will then receive a registration notification by email, which you need
to confirm to be able to receive the newsletter (so-called double opt-in). This
helps us verify that it is actually you who have initiated the registration.</p>
+<p>Unsubscribing is possible at any time, e.g. via a link at the end of each
press newsletter. Alternatively, you may also send your unsubscribing request
to <a href="mailto:datenschutz@zv.fraunhofer.de" target="_blank" class="
external">datenschutz@zv.fraunhofer.de</a>by email.</p>
+<p>After withdrawing your consent for sending the newsletter, your email
address will be deleted immediately.</p>
+<p>We send our newsletter by means of the service provider Mailingwork GmbH,
Birkenweg 7, 09569 Oederan (“Mailingwork”). The email addresses and data of our
newsletter recipients are stored on our behalf on the servers of Mailingwork in
Germany.</p>
+<p>Mailingwork uses this information to send and evaluate the newsletter on
our behalf. For this purpose we have concluded an order processing agreement
with Mailingwork. By means of this agreement, Mailingwork assures that it
processes the data in accordance with the General Data Protection Regulation
and guarantees the protection of rights of the data subjects.</p>
+<p>Mailingwork assures that personal data is fully protected against
unauthorised access. Mailingwork itself does not use the data of our newsletter
recipients to write to them or to transfer the data to third parties. As a
reliable email sender, Mailingwork is also certified by the Certified Senders
Alliance.</p>
+<p><b>e) When using the contact form for tenders</b></p>
+<p>For queries regarding our tenders, we offer you the option of contacting us
directly by means of a contact form provided on the website. The following data
are necessary as mandatory data:</p>
+<ul>
+ <li><span class="bulletpointlist">Title</span></li>
+ <li><span class="bulletpointlist">First name and surname</span></li>
+ <li><span class="bulletpointlist">Company</span></li>
+ <li><span class="bulletpointlist">Department and function</span></li>
+ <li><span class="bulletpointlist">Country</span></li>
+ <li><span class="bulletpointlist">Telephone number</span></li>
+ <li><span class="bulletpointlist">Email address and</span></li>
+ <li><span class="bulletpointlist">Your query</span></li>
+</ul>
+<p>We require your data to determine that the query has come from a company
and to be able to answer and process it. Additionally you may provide your
address, fax number and homepage and upload files, if required. The data is
processed exclusively for processing your query and is not taken into account
for any future award procedure.</p>
+<p>The processing of data takes place upon your request and is within the
framework of answering a contact request supported by our legitimate interest
pursuant to the first sentence of point (f) of Article 6(1) GDPR.</p>
+<p>The personal data collected by us when you use the contact form will be
deleted after completion of your query.</p>
+<p> </p>
+<h4><a name="_Toc343784613"></a>3. Transfer of personal data to third
parties</h4>
+<p>Except for the aforementioned cases (registration for events, using the
ordering service, subscription to a newsletter), we forward your personal data
to third parties only if:</p>
+<ul>
+ <li><span class="bulletpointlist">you have given your express consent
pursuant to the first sentence of point (a) of Article 6(1) GDPR, </span></li>
+ <li><span class="bulletpointlist">it is necessary for the performance of a
contract with you pursuant to the first sentence of point (b) of Article 6(1)
GDPR,</span></li>
+ <li><span class="bulletpointlist">A statutory obligation exists for
transferring pursuant to the first sentence of point (c) of Article 6(1)
GDPR.</span></li>
+</ul>
+<p>Especially if you have registered for an event, it may be necessary within
the scope of performance of the contract that your personal data needs to be
transferred to an external organiser. In connection with an event registration,
you will be informed about who the organiser is and whether it is an external
organiser. This organiser will process personal data within the scope of the
event and especially for the management of participants.</p>
+<p>Sending personal data to a third country (outside the EU) or an
international organisation is excluded.<br> </p>
+<h4><a name="_Toc343784614"></a>4. Cookies</h4>
+<p>We use cookies on our site. Cookies are small files that are automatically
created by your browser and stored on your terminal device (laptop, tablet,
smartphone, etc.) when you visit our site. Cookies do not cause any damage to
your terminal device and do not contain any virus, trojan or other malware.</p>
+<p>Cookies contain information resulting from connection with the specific
terminal device used. However, this does not mean that we have immediate
knowledge of your identity.</p>
+<p>We use cookies to capture statistical data on the use of our website and to
evaluate them for optimising our offer for you (cf. clause 5). These cookies
enable us to automatically recognize during a new visit to our site that you
have visited our site before. These cookies are automatically deleted after a
defined time.</p>
+<p>The data processed by cookies is necessary for the purposes mentioned with
due regard of our legitimate interest pursuant to the first sentence of point
(f) of Article 6(1) GDPR.</p>
+<p>Most browsers accept cookies automatically. However, you may configure your
browser so that cookies are not stored on your computer or that you are always
notified before a new cookie is created. The complete disabling of cookies,
however, may lead to your not being able to use all functions of our
website.</p>
+<h4><a name="_Toc343784615"></a>5. Web analysis through Leadlab</h4>
+<p>On our website we use the Leadlab service by Wiredminds GmbH and its
tracking pixel technology to analyse user behaviour and optimise our site based
on it. The service particularly allows us to identify which companies have
visited our site. In doing so we do not obtain any information that may
identify you directly.</p>
+<p>In connection with the use of Leadlab, cookies and tracking pixels are used
which allow statistical analysis of the use of this website through your
visits. Information, including personal information about your visiting
behaviour, is stored in the cookie and sent to Wiredminds or is directly
obtained by Wiredminds. The information is processed by Wiredminds, who use a
pseudonym in a usage profile for the purpose of analysis. The data is
anonymised to the extent possible.</p>
+<p>The data thus collected is not used to identify you except with your
express consent, nor is the data merged with your personal data as a bearer of
the pseudonym.</p>
+<p>If IP addresses are collected, they are immediately anonymised after
collection by deleting the last number block.</p>
+<p>For more information about data protection at Wiredminds, please visit
their <a href="https://www.wiredminds.de/en/data-protection/" target="_blank"
class=" external">website.</a>.</p>
+<p>The data is processed based on our legitimate interest, pursuant to point
(f) of Article 6(1) GDPR, to optimise our online offer and our web presence.
Wiredminds processes the data on our behalf and we have concluded an order
processing agreement with Wiredminds. It ensures that the data processing on
our behalf takes place in accordance with the General Data Protection
Regulation and that the rights of the data subjects are protected.</p>
+<p>If you do not wish that your usage behaviour is recorded and analysed, you
may object by means of <a
href="https://statistik.fraunhofer.de/track/optout.php?lid=dd5f86817814da995faf987490edd266&lang=EN"
target="_blank" class=" external">opt-out cookies</a>An opt-out cookie is set
which prevents future capturing of your data when visiting this website. The
opt-out cookie is only applicable to this browser and only for our website and
is stored on your device. If you delete the cooki [...]
+<h4><a name="_Toc343784616"></a>6. Social plug-ins</h4>
+<p>We use so-called social media buttons (also called social media plug-ins)
on our website. These are small buttons by means of which you may publish the
contents of our website in your profile on social networks.</p>
+<p>If you activate such a button, a connection is established between our
website and the social network. In addition to the contents in question, the
operator of the social network also obtains additional, partly personal,
information. For instance, it includes the fact that you are currently visiting
our site.<br> <br> The social media buttons are integrated using the so-called
Shariff solution. This solution developed by Heise and c’t prevents a
connection with a social network from b [...]
+<p>We use the following social media plug-ins:</p>
+<p><b>a) Facebook Ireland Limited: share on Facebook</b></p>
+<p>Information is partly transferred to the parent company Facebook Inc.,
headquartered in the USA. It respects the data protection regulations of the US
Privacy Shield and is registered with the US Privacy Shield program of the US
Department of Commerce.<br> For the purpose and scope of the data collection
and the further processing and use of the data by Facebook as well as your
related rights and configuration options for protecting your private space,
please refer to the <a href="htt [...]
+<p><b>b) Twitter International Company: share on Twitter</b></p>
+<p>Information is partly transferred to the parent company Twitter Inc.,
headquartered in the USA. It respects the data protection regulations of the US
Privacy Shield and is registered with the US Privacy Shield program of the US
Department of Commerce.</p>
+<p>For more information on data protection with Twitter, please refer to the
<a href="https://twitter.com/en/privacy" target="_blank" class="
external">Twitter privacy statement.</a></p>
+<p><b>c) Google LLC: share on Google+</b></p>
+<p>Google respects the data protection regulations of the US Privacy Shield
and is registered with the US Privacy Shield program of the US Department of
Commerce.</p>
+<p>For more information on data protection with Google, please refer to the <a
href="https://policies.google.com/privacy?hl=en" target="_blank" class="
external">Google privacy statement.</a></p>
+<p><b>d) XING SE: share on Xing</b></p>
+<p>For more information on data protection with XING, please refer to the <a
href="https://privacy.xing.com/en" target="_blank" class=" external">XING
privacy statement.</a></p>
+<p><b>e) LinkedIn: share on LinkedIn</b></p>
+<p>Information is partly transferred to the parent company LinkedIn
Corporation, headquartered in the USA. It respects the data protection
regulations of the US Privacy Shield and is registered with the US Privacy
Shield program of the US Department of Commerce.</p>
+<p>For more information on data protection with LinkedIn, please refer to the
<a href="https://www.linkedin.com/legal/privacy-policy" target="_blank" class="
external">LinkedIn privacy statement.</a></p>
+<h4><a name="_Toc343784617"></a>7. YouTube</h4>
+<p>On the basis of a consent pursuant to the first sentence of point (f) of
Article 6(1) GDPR, we use components (videos) of the company YouTube, LLC 901
Cherry Ave., 94066 San Bruno, CA, USA (hereinafter: “YouTube”), a company of
Google Inc., Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter:
“Google”) on our Internet pages.</p>
+<p>In so doing we use the option of “extended data protection mode” provided
by YouTube.</p>
+<p>When you access a page containing an embedded video, a connection to the
YouTube servers is established and the contents are displayed on the Internet
page through a notification to your browser.</p>
+<p>Pursuant to YouTube specifications, in the “extended data protection mode”
your data - especially which of our Internet pages you have visited as well as
device-specific information including the IP address - is sent to the YouTube
servers in the US only when you view the video. By clicking on the video, you
give your consent to this transfer.</p>
+<p>If you are simultaneously logged on to YouTube, this information is
assigned to your YouTube member account. You may prevent this by logging out of
your member account before visiting our website.</p>
+<p>Google respects the data protection regulations of the US Privacy Shield
and is registered with the US Privacy Shield program of the US Department of
Commerce.</p>
+<p>For more information on data protection in connection with YouTube, please
refer to the <a href="https://policies.google.com/privacy?hl=en&gl=de"
target="_blank" class=" external">data protection regulations of
Google.</a><br> </p>
+<h4><a name="_Toc343784618"></a>8. Rights of the data subject</h4>
+<p>You have the right:</p>
+<p><span class="bulletpointlist">pursuant to Article 7(3) GDPR, to withdraw
the consent given to us at any time. This means that in future we may no longer
continue to process the data as based on this consent;</span></p>
+<p><span class="bulletpointlist">pursuant to Article 15 GDPR, to obtain
information about your personal data processed by us. More particularly, you
may obtain information about the purpose of processing, the category of the
personal data, the categories of recipients, to whom your data has been or is
disclosed to, the storage period planned, the existence of a right to request
from the controller rectification , erasure, restriction of processing or
objection, the existence of a right t [...]
+<p><span class="bulletpointlist">pursuant to Article 16 GDPR, to obtain the
rectification of inaccurate personal data without undue delay or the completion
of your personal data stored with us;</span></p>
+<p><span class="bulletpointlist">pursuant to Article 17 GDPR, to obtain the
erasure of your personal data stored with us unless processing is necessary to
exercise the right to freedom of expression and information, for compliance
with a legal obligation , for reasons of public interest, or to establish,
exercise or defend legal claims;</span></p>
+<p><span class="bulletpointlist">pursuant to Article 18 GDPR, to obtain the
restriction of the processing of your personal data if you contest the accuracy
of the data, the processing is unlawful but you deny its erasure and we no
longer need the data while you still require it for establishing, exercising or
defending legal claims or if you have objected to processing pursuant to
Article 21 GDPR;</span></p>
+<p><span class="bulletpointlist">pursuant to Article 20 GDPR, to receive your
personal data that you have provided to us, in a structured, commonly used and
machine-readable format or to obtain the transmission to another data
controller and</span></p>
+<p><span class="bulletpointlist">pursuant to Article 77 GDPR, to lodge a
complaint with a supervisory authority. For this, you may normally contact the
supervisory authority of your habitual residence or workplace or our company
headquarters.<br> </span></p>
+<h4><a name="_Toc343784619"></a>9. Information on your right to object
pursuant to Article 21 GDPR</h4>
+<p><b>You have the right to object, on grounds relating from your particular
situation, at any time to processing of your personal data, which is based on
point (e) of Article 6(1) GDPR (data processing for the performance of a task
carried out in the public interest) and on point (f) of Article 6(1) GDPR (data
processing for the purposes of the legitimate interests); this is also
applicable to profiling pursuant to Article 4(4) GDPR based on this
regulation.</b></p>
+<p><b>If you file an objection, we will no longer process your personal data
unless we can demonstrate compelling legitimate grounds for the processing
which override your interests, rights and freedoms, or unless processing serves
the establishment, exercise or defence of legal claims. If your objection is
directed against the processing of data for the purpose of direct marketing, we
will stop the processing immediately. In this case, citing a special situation
is not necessary. This i [...]
+<p><b>If you wish to make use of your right to object, please send an email to
<a
href="mailto:datenschutz@zv.fraunhofer.de">datenschutz@zv.fraunhofer.de</a>.</b></p>
+<p> </p>
+<h4><a name="_Toc343784620"></a>10. Data security</h4>
+<p>All your personal data is transferred in an encoded manner using the widely
used and secure TLS (Transport Layer Security) encryption standard. TLS is a
secure and proven standard that is also used for online banking, for instance.
You will recognise a secure TLS connection by the additional s after http
(i.e., https://..) in the address bar of your browser or from the lock icon in
the lower part of your browser, among other things.</p>
+<p>Besides, we use suitable technical and organisational security measures to
protect your data against accidental or intentional manipulation, partial or
complete loss, destruction or against unauthorised access by third parties. Our
security measures are continuously being improved as the technology
advances.</p>
+<h4><a name="_Toc343784622"></a>11. Timeliness and Amendments to this Data
Protection Information</h4>
+<p>This data protection information as amended in May 2018 is currently
applicable.</p>
+<p>It may become necessary to change this data protection information due to
the further development of our website and its offers or on account of amended
legal or official requirements. You may always access and print the latest data
protection information on the website at <a
href="https://www.fraunhofer.de/en/data-protection-policy.html" target="blank"
class="
external">https://www.fraunhofer.de/en/data-protection-policy.html</a>.</p>
+
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
- [www-reclaim] branch master created (now b10c9de), gnunet, 2020/06/24
- [www-reclaim] 03/06: add talks/videos, gnunet, 2020/06/24
- [www-reclaim] 02/06: update, gnunet, 2020/06/24
- [www-reclaim] 05/06: update apk for alpine, gnunet, 2020/06/24
- [www-reclaim] 01/06: initial import,
gnunet <=
- [www-reclaim] 06/06: add from source, gnunet, 2020/06/24
- [www-reclaim] 04/06: version, gnunet, 2020/06/24