DOCSLIB.ORG

Analysis and Comparison of Identification and Authentication

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Analysis and Comparison of Identification and Authentication Master Thesis Analysis and comparison of identification and authentication systems under the eIDAS regulation Author: Floris Roelofs Institute for Computing and Infor- S1029871 mation Sciences, Radboud University, Supervisor: Toernooiveld 212, 6525 EC Nijmegen, Prof. Dr. Eric Verheul NL Second evaluator: Prof. Dr. Bart Jacobs October 13, 2019 CONTENTS Contents 1 Introduction 3 1.1 Background.........................................3 1.2 Goal.............................................3 1.3 Scope............................................3 1.4 Research questions.....................................4 2 Methods 5 2.1 Criteria pre-analysis....................................5 2.2 Description of systems...................................5 2.3 Selection of criteria.....................................5 2.4 Comparisons and insights.................................6 3 Context 7 3.1 eIDAS - electronic IDentification Authentication and trust Services..........7 3.1.1 European law....................................7 3.1.2 Interoperability...................................7 3.1.3 Notification and assurance levels.........................7 3.2 Authentication.......................................8 3.2.1 Federated versus non-federated authentication.................9 3.2.2 Supporting standards...............................9 3.3 PKI - Public Key Infrastructure.............................9 4 Description of systems 11 4.1 Belgium........................................... 11 4.1.1 Belgian eID Scheme FAS / eCards........................ 11 4.1.2 Itsme R ....................................... 12 4.2 Germany.......................................... 13 4.2.1 German eID based on Extended Access Control................. 13 4.3 Luxembourg......................................... 15 4.3.1 Luxembourg national identity card (eID card).................. 15 4.3.2 Luxtrust - alternative methods.......................... 16 4.4 Estonia........................................... 18 4.4.1 Estonian eID Scheme: ID card / RP Card / Digi-ID / e Residency Digi-ID / Diplomatic Identity Card............................. 18 4.4.2 Mobiil-ID...................................... 19 4.5 Spain............................................ 20 4.5.1 Documento Nacional de Identidad electr´onico(DNIe)............. 20 4.5.2 Cl@ve........................................ 21 4.6 Italy............................................. 22 4.6.1 SPID - Public System of Digital Identity..................... 22 4.6.2 Italian eID based on National ID card (CIE).................. 24 4.7 Croatia........................................... 25 4.7.1 National Identification and Authentication System (NIAS).......... 25 4.7.2 NIAS - alternative authentication means..................... 26 4.8 The Netherlands...................................... 27 4.8.1 DigiD........................................ 27 4.8.2 DigiD Hoog..................................... 28 5 Criteria for comparison 30 5.1 Usability - service provider................................ 30 5.1.1 Federation...................................... 30 5.1.2 Usage with private service providers....................... 30 5.2 Usability - user....................................... 30 1 CONTENTS 5.2.1 Authentication methods.............................. 30 5.2.2 Single-sign-on.................................... 30 5.2.3 Availability of other qualified trust services................... 31 5.2.4 Accessing past authentication information.................... 31 5.3 Privacy........................................... 31 5.3.1 Privacy hotspots.................................. 31 5.3.2 Pseudonyms..................................... 32 5.4 Security........................................... 32 5.4.1 Security of Communication............................ 32 5.4.2 Vulnerability to `Man in the browser' attacks.................. 33 6 Comparison 34 6.1 Federation.......................................... 35 6.2 Usage with private service providers........................... 36 6.3 Authentication methods.................................. 37 6.4 Single-sign-on........................................ 38 6.5 Availability of other trust services............................ 39 6.6 Accessing past authentication information........................ 40 6.7 Privacy hotspots...................................... 41 6.8 Pseudonyms......................................... 42 6.9 Security of communication................................. 43 6.10 Vulnerability to `Man in the browser' attacks...................... 44 7 Insights 45 7.1 Chapter outline....................................... 45 7.2 Insights per criterion.................................... 45 7.2.1 Federation...................................... 45 7.2.2 Usage with private service providers....................... 45 7.2.3 Authentication methods.............................. 45 7.2.4 Single-sign-on.................................... 45 7.2.5 Availability of other trust services........................ 46 7.2.6 Accessing past authentication information.................... 46 7.2.7 Privacy hotspots.................................. 46 7.2.8 Pseudonyms..................................... 46 7.2.9 Security of communication............................ 46 7.2.10 Vulnerability to `Man in the browser' attacks.................. 47 8 Discussion & Conclusion 48 8.1 Conclusions......................................... 48 8.2 Limitations......................................... 49 8.3 Further research...................................... 49 2 1. INTRODUCTION 1 Introduction 1.1 Background Throughout Europe governments are in the process of making themselves digitally available to their citizens. In 2014 the European Union passed Regulation 910/2014, also known as the eIDAS regulation, which set the goal for all digital governmental services to be interoperable and usable by citizens of other member states. In order to achieve this, the Union has requested the member states to create their systems individually, and created a framework that will link all these systems. This has resulted in some vastly different methods of creating such systems, which has created hurdles in the way of reaching interoperability, such as differing levels of security required for using the systems. An example of such an aspect that the varying implementations differ in, which causes difficulties in the interoperability of the systems, is whether the system is federated or direct. Federated being that there is a usually centralised system which handles the identification and authentication, and direct meaning that there is no such party between the user and the organisation to which they are identifying. The reason for choosing a direct system is that there is no single actor that can know about all the authentication actions of a user. If one entity were to handle all authentications for everything from contact with a municipality to handling medical information, this entity could have control over an extremely privacy-sensitive data set, if no other measures against this are in place. For this reason some European countries, such as Germany, have chosen for a direct authentication model. On the other hand, a federated system is much simpler to use for service providers, as they do not need to worry about the authentication and all overhead that comes with it. Belgium is among states that have chosen for a federated model. Of course, even among countries that have made the same choice, federated or direct, there can still be vast differences in structure. 1.2 Goal This will be an exploratory research into the many differences between the implementations of the identification and authentication systems of various European member states. Based on these differences a comparison of the systems will be made, and the reasons that led to these differences will be discussed. The focus will be on three aspects of the systems; privacy of the user, security of the system and usability for both citizens and the service providers, what these aspects entail regarding this research will be described in chapter five. The results of this comparison and the analysis of the differences will lead to possible recommendations for future implementations and improvements to identification and authentication systems. 1.3 Scope Throughout the Union countries are in various states of production of their systems. Once a member state has finished developing their system they can ask the Union to review the system and assess it on quality and security requirements laid out by the eIDAS regulation. Once a system has been reviewed and deemed acceptable the Union is ‘notified’ of the system, meaning other member states need to ensure their government services are available through that system within twelve months. The systems are reviewed and accepted through a peer review process performed by other member states, coordinated by what is called the `Cooperation Network'. For this review we will be focused on systems that allow at least citizen to government authentication, systems that are only meant for businesses to government or citizen to business authentication will be deemed out of scope. Included in the research will be all systems from countries that have completed notification of at least one system at the start of this research, on February 1st 2019 [13]. This will include all notified and non-notified systems of member states, as long as the member state 3 1. INTRODUCTION had at least one system notified on the cut-off date. Non-notified systems from the selected states are
Load more

Recommended publications
  • Identity Cards Are Acceptable
    Who can apply for a Dutch driving licence Anyone can take theory & driving lessons, but when applying for: ► any type of theory tests ► any type of driving tests ► any Dutch driving licence you will be required to physically possess & to be able to show: Sub A: a valid form of identity Sub B: a citizens service number (= BSN or SoFi number) furthermore you will have to authorize your driving school to apply for any driving test through your DigId: Sub C: use your DigId to give a mandate to your driving school Sub A: Valid forms of identity As of January 1st 2006 the following identity cards are acceptable: ► a valid Dutch passport ► a valid Dutch driving license ► a valid Dutch identity card, issued by your Local Municipality ► a valid European identity card (NOT a foreign Driving Licence) ► a valid passport for citizens of member countries of the European Union ► a valid passport for citizens of member countries of the European Economic Area. ► a valid travel document for foreigners (your Dutch resident’s permit issued by the IND) ► a valid travel document for refugees EU/EEA countries are: Austria, Belgium, Bulgaria, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Liechtenstein, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovak Republic, Slovenia, Spain, Sweden, * Switzerland, United Kingdom. * Switzerland is not in the EU/EEA, but an international treaty means that from 1 June 2002 Swiss nationals have a similar right to live in the Netherlands as EEA nationals. Legislations rules that foreigners holding the following documents cannot obtain a Dutch driving licence: ► a W-document issued to asylum seekers: (although the W-document is a form of identification, it is not a residence permit and therefore unsuitable for a driving license application at the local authority) ► an expired document of the cat.
    [Show full text]
  • Overview of Member States' Eid Strategies
    January 2021 Overview of Member States’ eID strategies CEF eID SMO Version 3.0 This study was carried out for the European Commission by Deloitte. Authors: Massimo Pedroli, George O’Neill, Arianna Fravolini, Leonardo Marcon Picture on the first page from Flaticon CONTENT Introduction .............................................................................................. 6 Overview of national eID strategies and legal framework ......................... 7 eID Strategy Formalisation .............................................................................. 7 Common Strategic Objectives among EU Countries ..................................... 10 Legal requirements to hold eID ..................................................................... 20 Security of eID Means .................................................................................... 22 Ecosystems overview: service providers and accessible services ............ 23 The Role of the State ..................................................................................... 23 Accessible Digital Services ............................................................................. 25 Country Overview ................................................................................... 27 Austria ............................................................................................................ 28 Belgium .......................................................................................................... 30 Bulgaria .........................................................................................................
    [Show full text]
  • European Agreement on Regulations Governing the Movement of Persons Between Member States of the Council of Europe (ETS No. 025)
    European Treaty Series - No. 25 EUROPEAN AGREEMENT ON REGULATIONS GOVERNING THE MOVEMENT OF PERSONS BETWEEN MEMBER STATES OF THE COUNCIL OF EUROPE Paris, 13.XII.1957 Migrationsrecht.net www.migrationsrecht.net 2 ETS 25 – Movement of Persons, 13.XII.1957 _________________________________________________________________________________________________ The governments signatory hereto, being members of the Council of Europe, Desirous of facilitating personal travel between their countries, Have agreed as follows: Article 1 1 Nationals of the Contracting Parties, whatever their country of residence, may enter or leave the territory of another Party by all frontiers on presentation of one of the documents listed in the appendix to this Agreement, which is an integral part thereof. 2 The facilities mentioned in paragraph 1 above shall be available only for visits of not more than three months' duration. 3 Valid passports and visas may be required for all visits of more than three months' duration or whenever the territory of another Party is entered for the purpose of pursuing a gainful activity. 4 For the purposes of this Agreement, the term “territory” of a Contracting Party shall have the meaning assigned to it by such a Party in a declaration addressed to the Secretary General of the Council of Europe for communication to all other Contracting Parties. Article 2 Migrationsrecht.net To the extent that one or more Contracting Parties deem necessary, the frontier shall be crossed only at authorised points. Article 3 The foregoing provisions shall in no way prejudice the laws and regulations governing visits by aliens to the territory of any Contracting Party. Article 4 This Agreement shall not prejudice the provisions of any domestic law and bilateral or multilateral treaties, conventions or agreements now in force or which may hereafter enter into force, whereby more favourable terms are applied to the nationals of other Contracting Parties in respect of the crossing of frontiers.
    [Show full text]
  • Future of Identity in the Information Society Summary
    FIDIS Future of Identity in the Information Society Title: “D16.1: Conceptual Framework for Identity Management in eGovernment” Author: WP16 Editors: J.C. Buitelaar (Tilburg University, The Netherlands), M. Meints (Unabhängiges Landeszentrum für Datenschutz, Kiel, Germany) and B. van Alsenoy (K.U. Leuven, Belgium) Reviewers: J. Vyskoc (VaF, Slovakia) and M. Gasson (Reading University, U.K.) Identifier: D16.1 Type: Deliverable Version: 1.03 Date: 18th November 2008 Status: [Final] Class: [Public] File: 2008_11_18_D16.1_Framework_IDM_in_eGov_Final[2] Summary The main goal of deliverable D16.1 is to find an agreement within the different disciplines represented in the FIDIS NoE on the basic building blocks needed to allow dialoguing on the very specific research field of privacy-friendly identity management in eGovernment. Concretely, this means that the conceptual framework explores the basic concepts of (1) privacy and data protection, (2) identity management and (2) eGovernment, and brings them together in a conceptual framework. This framework will, in the next phase, be used to define the requirements for privacy friendly IDM in a multi-level eGovernment context. Copyright © 2004-09 by the FIDIS consortium - EC Contract No. 507512 The FIDIS NoE receives research funding from the Community’s Sixth Framework Program FIDIS D16.1 Future of Identity in the Information Society (No. 507512) Copyright Notice: This document may not be copied, reproduced, or modified in whole or in part for any purpose without written permission from the FIDIS Consortium. In addition to such written permission to copy, reproduce, or modify this document in whole or part, an acknowledgement of the authors of the document and all applicable portions of the copyright notice must be clearly referenced.
    [Show full text]
  • Annex to the European Agreement on Regulations Governing the Movement of Persons Between Member States of the Council
    European Treaty Series - No. 25 European Agreement on Regulations governing the Movement of Persons between Member States of the Council of Europe Paris, 13.XII.1957 Appendix In force since 1 September 2013 – Last amendment: Hungary. Austria – Valid passport or expired within the last five years. – Official identity card. Belgium – Belgian passport, valid or expired within the last 5 years. – Official identity card. – Official identity card issued to a Belgian national, having the force of an immatriculation certificate, by a Belgian diplomatic or consular agent abroad. – Identity certificate with photograph issued by a Belgian Local Authority to a child under 12 years of age. – Identity paper without photograph issued by a Belgian Local Authority to a child under 12 years of age. This document will only be accepted in the case of children travelling with their parents. – Valid alien's identity card, issued by the competent authorities of the country of residence, for Belgians lawfully residing in France, Luxembourg and Switzerland, and stating that the bearer is of Belgian nationality. – Provisional identity card. Cyprus – valid passport of the Republic of Cyprus, – valid national identity card, – valid laissez-passer. ETS 25 – Movement of Persons (Annex), 13.XII.1957 __________________________________________________________________________________ France – French passport, valid or expired within the last five years (a new model has been circulated since 28 April 1999; the previous model, delivered under certain conditions, remains valid). – Valid French identity card. – French identity card valid for three months. – Valid alien's identity card, issued by the competent authority in the country of residence, for French nationals lawfully residing in Belgium, Luxembourg and Switzerland; the card must indicate the holder's nationality.
    [Show full text]
  • Public Healthcare Insurance | Flexpolis 2021 What Is Important to Know and Which Conditions Apply?
    Public healthcare insurance | Flexpolis 2021 What is important to know and which conditions apply? Public healthcare insurance Flexpolis 2021 Eno Zorgverzekeraar N.V. Eno Aanvullende Verzekeringen N.V. These insurance conditions take effect on 01 January 2021. All previous insurance conditions will be superseded as of the same date. Contents Contact Public healthcare insurance Online 5 Customer Service 5 Specific provisions for public Postal address 5 healthcare insurance The information contained in this document Taking out and terminating public General provisions 5 healthcare insurance Public healthcare insurance 5 1. When can we refuse you? 13 Supplementary insurances 5 2. What is the basis for the public healthcare insurance? 13 Definitions 5 Premium 3. When do you not have to pay a premium? 13 General provisions 4. What happens if you get behind on your payments? 14 Provisions which apply to the public healthcare Excess insurance and the supplementary insurances 5. When does the compulsory excess apply? 15 6. When does the voluntary excess apply? 15 Invoices and payment 7. Which rules are applicable to compulsory 1. How do we allocate the costs of care? 6 and voluntary excess? 16 2. How do you submit an invoice? 6 3. When do we pay? 7 Insurance cover general 8. Which services are insured? 16 Taking out and terminating insurances 9. What restrictions apply in case of concurrence with 4. How do you take out an insurance policy? 7 other provisions? 16 5. How long do you take out the insurance for? 7 6. What happens if you change your mind? 8 Cover and reimbursement in the Netherlands 7.
    [Show full text]
  • Basic Healthcare Insurance Uitzendpolis 2016
    Basic healthcare insurance Uitzendpolis 2016 What is important to know and which conditions apply? Public healthcare insurance Uitzendpolis 2016 Eno Zorgverzekeraar N.V. Eno Aanvullende Verzekeringen N.V. These insurance conditions take effect on 01 January 2016. Previous insurance conditions will lapse with effect from that date. Contents Excess General provisions 5. When does the compulsory excess apply? ..................................15 6. When does the voluntary excess apply? ......................................15 Provisions which apply to the public healthcare 7. Which rules are applicable to compulsory insurance and the supplementary insurances and voluntary excess? .......................................................................15 Invoices and payment Insurance cover general 1. How do we allocate the costs of care? ..........................................6 8. Which services are insured? ........................................................... 16 2. How do you submit an invoice? ......................................................6 9. Which restrictions apply in case 3. When do we pay?................................................................................ 7 of concurrence with other provisions? ........................................ 16 Taking out and terminating insurances Cover and reimbursement in the Netherlands 4. How do you take out an insurance policy? .................................. 7 10. What is the cover in the Netherlands? ........................................ 16 5. How long do you take
    [Show full text]
  • 'Driving Licence Application (Non) Resident in the Netherlands' (3 E 0395)
    User guide ‘Driving licence application (non) resident in the Netherlands’ (3 E 0395) Date: 17 August 2021 3 B 0990a Table of contents Table of contents 2 1. Target groups 3 2. Declaration of Driving Ability 6 3. Driving licence lost or stolen? 6 4. Certificate of Fitness 7 5. Waiving a category or categories 8 6. Identity document 8 7. Costs 8 8. Application form 9 9. Colour passport photograph 9 10. Procedure 10 11. More information 10 2 In this user guide, you can read what you must do to renew or replace your Dutch driving licence. There are three different target groups (A to C). In Chapter 1, you can find out in which target group you belong and which instructions you must follow. These instructions are described for each target group. 1. Target groups A. You are resident outside the EU/EFTA1 and you want to renew/replace your driving licence (perhaps due to the loss/theft of your driving licence). B. You have a preferential status card and you are not registered in the Basic Register of Persons (BRP). C. You travelled abroad to study, but your parents/guardians live in the Netherlands and you want to apply for a driving licence. Target group A You are resident outside the EU/EFTA1 and you want to renew or replace your driving licence (perhaps due to loss/theft). What must you send with your application? - The completed and signed 3 E 0395 application form. - One colour passport photograph that satisfies the requirements of the Fotomatrix Model 2020.
    [Show full text]
  • How Can You Regain Your Dutch Citizenship? Option and Naturalisation Procedures for Former Dutch Nationals
    How can you regain your Dutch citizenship? Option and naturalisation procedures for former Dutch nationals 1. What is the purpose of this publication? What to do to regain Dutch citizenship? This question will be answered in the publication you are reading now. This publication is intended for all former Dutch nationals: people who at one time held Dutch citizenship, but have since lost it. This publication will give information about the following: • How to regain Dutch citizenship; • Which conditions must be satisfied to acquire Dutch citizenship; • Which documents are required to regain Dutch citizenship; • How the procedures works. Two ways in which you can regain Dutch citizenship As a former Dutch national, there are two ways in which you can regain Dutch citizenship: 1. By making use of the option procedure, whereby you declare that you wish to acquire Dutch citizenship once again. This option applies in any event to former Dutch nationals who have been legal residents in the Kingdom of the Netherlands for a minimum period of 1 year with a valid residence permit for a non-temporary purpose of residence, such as family reunification. 2. By submitting an application for naturalisation to become a Dutch citizen. This procedure is open to all former Dutch nationals. Recent rulings of the Council of State Everyone who has Dutch nationality also is an EU citizen. EU citizenship makes it possible for you to travel and live freely on EU territory and for you to work there, among other things. If you lose Dutch nationality, this means that you could possibly lose EU citizenship as well.
    [Show full text]
  • Physical Security RS&RM Contents
    Physical Security RS&RM Contents 1 Security 1 1.1 Perceived security compared to real security ............................... 1 1.2 Categorizing security ........................................... 2 1.3 Security concepts ............................................. 2 1.4 Security at home .............................................. 2 1.5 Security management in organizations ................................... 2 1.6 See also .................................................. 3 1.7 References ................................................ 3 1.8 External links ............................................... 3 2 Physical security 4 2.1 Overview ................................................. 4 2.2 Elements and design ............................................ 4 2.2.1 Deterrence methods ....................................... 4 2.2.2 Intrusion detection and electronic surveillance .......................... 5 2.2.3 Access control .......................................... 6 2.2.4 Security personnel ........................................ 7 2.3 See also .................................................. 7 2.4 References ................................................. 7 3 Closed-circuit television 9 3.1 History .................................................. 9 3.1.1 Technology ............................................ 10 3.1.2 Application ............................................ 10 3.2 Uses .................................................... 10 3.2.1 Crime prevention ......................................... 10 3.2.2
    [Show full text]
  • Examining the UK's Criminal Justice Response to Trafficking
    In the Dock Examining the UK’s Criminal Justice Response to Trafficking June 2013 Researcher and author: Rachel Annison Design and layout: Jakub Sobik & Rachel Annison ISBN: 9780900918797 © Anti-Slavery International for The Anti-Trafficking Monitoring Group Acknowledgements This report was made possible by the information and advice provided by Members of The Anti- Trafficking Monitoring Group (ATMG) and a variety of individuals, organisations and agencies across the UK and beyond, who have shared their experience of working with trafficked persons. The ATMG works closely with the Human Trafficking Foundation and STOP THE TRAFFIK. Contributions to the report were provided on the basis that the names of individuals and organisations would not be cited unless specifically permitted. The ATMG greatly appreciates the assistance that has been provided to advancing our knowledge of the prosecution of traffickers and victims in the UK. The ATMG would like to especially thank Chloe Setter of ECPAT, Lois Hamilton, and Graham O’Neill of TARA, for producing the chapters on children, Northern Ireland and Scotland respectively. The ATMG would also like to thank Comic Relief, the Esmée Fairbairn Foundation and The Bromley Trust for funding this project. The views expressed in this report are not intended to reflect the opinions of the funders. 1 Foreword In the public and political discourse on crime, much emphasis is placed today on the needs of victims. This is as it should be. Victims suffer the effects of crime, so they need to be treated with understanding and their rights should be protected at all times. It is also right that the State investigates and prosecutes offenders.
    [Show full text]
  • The State of Consular Affairs
    2019 edition State of Consular Affairs for the Netherlands and Dutch nationals worldwide sSarajevoAnkaraStPetersburgShanghaiBagdadJakartaKoealaLoempoerTunisOsloBratislavaMontrealDhakaKigaliTelAvivIstanboelHongKongChicagoIslamabadKingstonDamascusTun ofiaLagosKobeDublinQuitoLondenPretoriaAlmatyKarachiAnkaraTokioHavannaBonnBerlijnBuenosAiresLagosShanghaiKopenhagenBagdadHongKongAlmatyMuscatAbuDhabiWenenSa adLuandaKievLusakaDarEsSalaamMelbourneZagrebParijsHoustonWindhoekParamariboBamakoBonnCotonouOttawaJakartaMuscatColomboManillaOsloNairobiDubaiSaoPauloPretoriaMa urneMexicoColomboCanberraAbuDhabiMelbourneWenenDarEsSalaamBrasiliaKoeweitParijsJakartaIstanboelTeheranKhartoemAbujaParijsStockholmTorontoNewDelhiQuitoSeoelB nberraBogotáParijsLaPazWenenAccraVaticaanstadPortOfSpainHoustonPretoriaLaPazIstanboelBoedapestHamburgVancouverDhakaDubaiBangkokAnkaraAlgiersKhartoemDubaiKobeBru burgLagosColomboMexicoBratislavaLusakaBangkokSarajevoDamascusHoustonBonnAnkaraBrusselDarEsSalaamKobeSofiaKoealaLoempoerWellingtonAlgiersAnkaraAbujaChicagoMus SpainBoekarestLuxemburgDakarHoustonAlmatyDubaiRomeBamakoBelgradoHamburgRomeDarEsSalaamSofiaDubaiColomboRabatAtheneDublinSydneyKobeBogotáPraagOuagadougou esStockholmAmsterdamAbebaTripoliLaPazKairoManaguaBagdadLosAngelesKievAnkaraColomboWarschauRomeBernKingstonLissabonBoedapestBoedapestNewYorkMaputoColomboNewY etoriaAnkaraBomaySofiaTorontoRomeZagrebWashingtonAmmanAtheneLaPazMoskouAlgiersAbidjanParamariboMaputoManillaKinshasaBarcelonaCaracasManaguaBarcelonaLusakaAntw ramariboAnkaraSaoPauloPretoriaBangkokMilaanBamakoHoustonHarareBrasiliaKairoSarajevoBratislavaWindhoekZagrebBrusselRiyadMoskouAlmatyMaputoKarachiVancouverSantiagoDeChi
    [Show full text]