Re: [CFRG] Question over COVID-19 'passport' standardization?

Eric Rescorla <ekr@rtfm.com> Fri, 30 July 2021 18:02 UTC

Return-Path: <ekr@rtfm.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B05FB3A085F for <cfrg@ietfa.amsl.com>; Fri, 30 Jul 2021 11:02:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.896
X-Spam-Level:
X-Spam-Status: No, score=-1.896 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=rtfm-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GFZu1QnCzbDu for <cfrg@ietfa.amsl.com>; Fri, 30 Jul 2021 11:02:34 -0700 (PDT)
Received: from mail-il1-x12b.google.com (mail-il1-x12b.google.com [IPv6:2607:f8b0:4864:20::12b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3D8233A085D for <cfrg@irtf.org>; Fri, 30 Jul 2021 11:02:34 -0700 (PDT)
Received: by mail-il1-x12b.google.com with SMTP id d10so10278399ils.7 for <cfrg@irtf.org>; Fri, 30 Jul 2021 11:02:34 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rtfm-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=RiulNb81jpX31CBNo1tKMQp7FcgIVphK0a2c6wtdVQI=; b=ivor+8tCnG5HW4DVffxcujVP779OK9Yl4930KsxBhkvLAt7od/O0Cle2h2UvVZ+pFD OaY0g2OBOSRq8R1wwpECBYAbM67BiZe0bh3+YK0d1idFLOfte0gdEV3E1g/Aa0d6HTZ6 sszGoh2C+PvtuM1DKBKLhefTppZhuxIqDnfX1JpWYcYDXBvSgRQNdhDfvBHn4xySLfx/ vmoowF1DC4kBE0TaXKbhl/MfURr1g2u/+oxHRkn7WxqZHHM5GzsiXNg1BzLP+5tgoczh Bw2/wh3ptIjQit7xOFiqCB73tvR1Y07zBlHrdmgdjULX4aC06biVxpOmjJsDrQmq9lir SV1w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=RiulNb81jpX31CBNo1tKMQp7FcgIVphK0a2c6wtdVQI=; b=ID8h8dJMPcEMSQd8529i2E8KhnJgb5TMfJbD++DIxhU2IhQZmXs1e6r/cHM5C6AyJt w6uKYFiJluBs2Oesrgo3/G3AH1zNqyUpIwYMwQWg/GwkmWvVUcqsVgO9MYtKADFWQKlT 9J+0HXGIfiiAqPt6FU0ZeJAkF5Z/CAewQqcbM53mTDGIy9zfjhMvlHRNe7qfzVmqg9rh jNsPJib80cTfw4HUrp1SnF3ktnvZ2z0A/+fIvVeZu3xKJRE+2j5yPGgt5dhWLO8bZ6Xp jWck5j22hsf+yk+y72Zirn7CNXkFyhfBLxuKpl8s1C+vEUX8h7s06mmKFmohxEX1B0l1 5reg==
X-Gm-Message-State: AOAM532RCKc2THfbOw/MTsw+fMWdE2YSTJYAH/dQ2xEacJhzYZy6Zwdm h7xhiMm9gkAG/XP24hUkY/vroFfnURNtn2tKVBBZQg==
X-Google-Smtp-Source: ABdhPJy6G9bcwpFWDNvLhsejkes/ePJWT4mk9Bh3xKxSTbweE9oA3meKvIc+Rj8z5y78Xqi6sXLPMZF87o59s9rtPmE=
X-Received: by 2002:a05:6e02:1aae:: with SMTP id l14mr1020236ilv.35.1627668152928; Fri, 30 Jul 2021 11:02:32 -0700 (PDT)
MIME-Version: 1.0
References: <CAE1ny+6PweMpP4jc-G06VdUOM-d8sJ9VraFs-QJ2=BgOegv9MA@mail.gmail.com>
In-Reply-To: <CAE1ny+6PweMpP4jc-G06VdUOM-d8sJ9VraFs-QJ2=BgOegv9MA@mail.gmail.com>
From: Eric Rescorla <ekr@rtfm.com>
Date: Fri, 30 Jul 2021 11:01:56 -0700
Message-ID: <CABcZeBPTAZrDuKJavQiuhXRnvkNiF_NRLQ2P6ZN0_8TOBCVzSA@mail.gmail.com>
To: Harry Halpin <hhalpin@ibiblio.org>
Cc: cfrg <cfrg@irtf.org>
Content-Type: multipart/alternative; boundary="000000000000115d3c05c85b0601"
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/M_jAZMcSdhSPLI2YST5GVZlnRuI>
Subject: Re: [CFRG] Question over COVID-19 'passport' standardization?
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Fri, 30 Jul 2021 18:02:39 -0000

On Fri, Jul 30, 2021 at 10:47 AM Harry Halpin <hhalpin@ibiblio.org> wrote:

> Everyone,
>
> While the research community and industry was very quick to work on
> privacy-enhanced contact tracing, I've seen very few people taking the much
> more pressing issue of COVID-19 passports.
>
> I've earlier seen some very badly done academic work using W3C "Verified
> Credentials" and W3C Decentralized Identifier (DID) standards [1]. However,
> while a bunch of sketchy blockchain technology has not been adopted (so
> far, although I believe IATA and WHO are still being heavily lobbied in
> this direction), there has been the release of the EU "Green" Digital
> Credentials that actually uses digital signatures.
>
> However, there's a number of problems:
>
> * No revocation in case of compromise
> * Privacy issues, i.e. leaking metadata
> * No key management (booster shots might require)
> * No use of standards for cross-app interoperability
>

In case people are interested, here are my comments on the EU proposal
https://educatedguesswork.org/posts/vaccine-passport-eu/

And a link to my comments on other proposals as well:
https://educatedguesswork.org/tags/vaccine%20passports/

Re the EU: I'm not sure I entirely agree with your assessment. For
instance, the DGC does seem to have key management.



> Furthermore, there appears to be differences between countries, and some
> countries do not use cryptography at all (the US).
>

Well, there is no national system at all in the US, but there are systems
based on digital signatures in several states. For instance, California and
NY.


I don't think the W3C (or the ITU, etc.) has the security expertise, and
> while the crypto and security/privacy here is pretty simple, I think it
> should happen somewhere. So I thought polling it by CFRG IRTF would be a
> good idea to see what would happen, as the CFRG has probably the largest
> security/privacy expertise in the wider IETF circles.
>

As you say, this is pretty straightforward technically, so if there were to
be an I*TF effort, it should probably be an IETF WG rather than in the
CFRG. With that said, while I think standardization would be valuable, ISTM
that the problem here is a bunch of independent standards proceeding, so
I'd want to see some evidence that the various players (EU, VCI, etc.) were
interested before starting off, lest we fall into XKCD 927.

-Ekr