IETF Logo Mail Archive

Re: [saag] Interest COVID-19 'passport' standardization?

Jon Callas <joncallas@icloud.com> Mon, 02 August 2021 18:29 UTC

Return-Path: <joncallas@icloud.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 32E813A14B5 for <saag@ietfa.amsl.com>; Mon, 2 Aug 2021 11:29:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.095
X-Spam-Level:
X-Spam-Status: No, score=-2.095 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=icloud.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HLaZlWgRSntD for <saag@ietfa.amsl.com>; Mon, 2 Aug 2021 11:29:03 -0700 (PDT)
Received: from mr85p00im-hyfv06021401.me.com (mr85p00im-hyfv06021401.me.com [17.58.23.190]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 33B443A14B3 for <saag@ietf.org>; Mon, 2 Aug 2021 11:29:03 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=icloud.com; s=1a1hai; t=1627928942; bh=AixMGoc02HaAgLJocj14y6Ew9/2RmxCLwXEJwvqkRMs=; h=Content-Type:Mime-Version:Subject:From:Date:Message-Id:To; b=TcPBAn6wOUv1ROz9aM839qlcftgvkxE+ynFWn9RUyDEB9Fr7XlHs2kUVDqZ0fMZrj MTGHPPBq3KtU5KHByKA9Zz4hH3TI9hiofspOA7TEFE4urdoxPaw5TD5LZog6SSnRZW lIarS25ogfnaQnYXvpkgFTQtguD4/oGWchb51hvpP5tcziw08PqwqYFRFmaNCoNfdh 6HTfZOZ3KApRIs7mo9RJAvYIicScWAvnmjIi6i9NY26z+uxbJG9YWkDZ/QUsAN7C5U uFM/C6m/LV8/DakTIkPS2hDBKQ1O3a681M+jKhEbgCNqXUQeUQVbXadE4iylzEesez 1Cl2QaThTl5Rg==
Received: from smtpclient.apple (70-228-76-163.lightspeed.sntcca.sbcglobal.net [70.228.76.163]) by mr85p00im-hyfv06021401.me.com (Postfix) with ESMTPSA id 3800B9C01E4; Mon, 2 Aug 2021 18:29:00 +0000 (UTC)
Content-Type: text/plain; charset=us-ascii
Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.120.0.1.13\))
From: Jon Callas <joncallas@icloud.com>
In-Reply-To: <CAHBU6iuHHEXFtAJ7aUZJtZBRuqBd7Mh1GdV_T8Ua-HQ2beAh=A@mail.gmail.com>
Date: Mon, 2 Aug 2021 11:28:49 -0700
Cc: Jon Callas <joncallas@icloud.com>, Eric Rescorla <ekr@rtfm.com>, IETF SAAG <saag@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <B419C875-3FD6-42A7-B5F6-EA7445FA5631@icloud.com>
References: <CAE1ny+4QdmSJS-spV6Do5yDs1x3iAwyHdSx=Oa+cRXU+ESZ2nA@mail.gmail.com> <CADPMZDBu2cbtWk7Y4YMKXOWXQoKsBkAD9D1AuC_Rp+9xHawX7w@mail.gmail.com> <E0FDB1EE-256D-4925-9EE7-49DE212BFF02@gmail.com> <360C07DB-2B3A-4CDF-9747-31D2FCBABFC4@tzi.org> <8C67B77C-A2EB-4203-8713-E10CF8A12EEA@webweaving.org> <ecf66a91bb15452cb8e35266ad4f3513@oc11expo23.exchange.mit.edu> <8EC359D8-5D5F-4B26-8EEF-A0E192BAAA00@tzi.org> <CABcZeBOnN96DhE5YQcywUpXZ5xtigXxrcNfQOyjxEdQbd5iXQw@mail.gmail.com> <6185C9F3-B27C-4488-B039-2D9033A1BA10@tzi.org> <CABcZeBPU8JThKq5muXx+8mhtDACu2-ccFo0URi15W2_Oqj2ymg@mail.gmail.com> <CAHBU6isP_086oKbZ7Ai=pqfY4wcQgTLLPxWEEV-FE-1hYk-xDQ@mail.gmail.com> <CABcZeBPpC=eEN3t=MEar5NLzLe0mZuHNkNRHrYuwsfPibhqb1w@mail.gmail.com> <CAHBU6iuHHEXFtAJ7aUZJtZBRuqBd7Mh1GdV_T8Ua-HQ2beAh=A@mail.gmail.com>
To: Tim Bray <tbray@textuality.com>
X-Mailer: Apple Mail (2.3654.120.0.1.13)
X-Proofpoint-Virus-Version: =?UTF-8?Q?vendor=3Dfsecure_engine=3D1.1.170-22c6f66c430a71ce266a39bfe25bc?= =?UTF-8?Q?2903e8d5c8f:6.0.391,18.0.790,17.0.607.475.0000000_definitions?= =?UTF-8?Q?=3D2021-08-02=5F05:2021-08-02=5F02,2021-08-02=5F05,2020-04-07?= =?UTF-8?Q?=5F01_signatures=3D0?=
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 adultscore=0 mlxscore=0 phishscore=0 clxscore=1011 malwarescore=0 bulkscore=0 suspectscore=0 mlxlogscore=603 spamscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2009150000 definitions=main-2108020119
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/Ge33KZwnAvQ57qwO4OCt8FRgkJ0>
Subject: Re: [saag] Interest COVID-19 'passport' standardization?
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 02 Aug 2021 18:29:08 -0000

The Quebec system is coded just like the California one. It's a SMART Health Card coded into a URI and then into a QR code, as others have mentioned.

We at EFF have an article on it decoding it and commenting on it. The work Mikkel Paulson did on the Quebec one made our work easier.

<https://www.eff.org/deeplinks/2021/06/decoding-californias-new-digital-vaccine-records-and-potential-dangers>

Despite one's opinion on how good or bad such things are, there is zero need for the IETF to do a new standard.

	Jon

v2.8.7 | Report a Bug | By Email