IETF Logo Mail Archive

Re: [saag] Interest COVID-19 'passport' standardization?

Volker Birk <vb@pep-project.org> Fri, 30 July 2021 21:45 UTC

Return-Path: <vb@pep-project.org>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4119C3A1259 for <saag@ietfa.amsl.com>; Fri, 30 Jul 2021 14:45:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZZIq_D6BTYA7 for <saag@ietfa.amsl.com>; Fri, 30 Jul 2021 14:45:53 -0700 (PDT)
Received: from dragon.pibit.ch (dragon.pibit.ch [185.203.114.4]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BDB843A122D for <saag@ietf.org>; Fri, 30 Jul 2021 14:45:53 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by dragon.pibit.ch (Postfix) with ESMTP id 8B78421415E9 for <saag@ietf.org>; Fri, 30 Jul 2021 23:45:51 +0200 (CEST)
Received: from dragon.pibit.ch ([127.0.0.1]) by localhost (dragon.pibit.ch [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xwpCbiJZidqI for <saag@ietf.org>; Fri, 30 Jul 2021 23:45:51 +0200 (CEST)
Received: from localhost (localhost [127.0.0.1]) by dragon.pibit.ch (Postfix) with ESMTPSA id 62C4A214034E for <saag@ietf.org>; Fri, 30 Jul 2021 23:45:51 +0200 (CEST)
Date: Fri, 30 Jul 2021 23:45:51 +0200
From: Volker Birk <vb@pep-project.org>
To: saag@ietf.org
Message-ID: <20210730214551.54usdahtucaxrmoi@pep-project.org>
Mail-Followup-To: saag@ietf.org
X-PGP-Key: https://fdik.org/vb.asc
References: <CAE1ny+4QdmSJS-spV6Do5yDs1x3iAwyHdSx=Oa+cRXU+ESZ2nA@mail.gmail.com> <20210730185749.GA21724@dragon.pibit.ch> <CAE1ny+6wZVh1A9yZPfLpuG7AFg5THrY9ie4+QmTsde+DiFHi4w@mail.gmail.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="6t2fuhkshfyrnddc"
Content-Disposition: inline
In-Reply-To: <CAE1ny+6wZVh1A9yZPfLpuG7AFg5THrY9ie4+QmTsde+DiFHi4w@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/NeA_G_L6o-ljyymd6EuTsG-5Rco>
Subject: Re: [saag] Interest COVID-19 'passport' standardization?
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 30 Jul 2021 21:46:07 -0000

On Fri, Jul 30, 2021 at 10:40:13PM +0200, Harry Halpin wrote:
> While I support your sentiments (in fact, I warned against the persistence
> and abuse of COVID-19 related infrastructure as soon as the pandemic hit
> [1]) and do note that the COVID-19 passports have already happened in most
> countries, particularly in the EU. If they were built with open source and
> open international standards, with actual privacy and security, then it
> would be harm minimization.

Dear Harry,

thank you for taking this serious! But I fear you're mistaken. Let me
explain:

The major problem is not the passport itself. It is who checks it in
which situation: commercial enterprises checking access to cultural
events, but as we saw in Israel while the test also to food supply and
education.

So it will be a corporation deciding if you get education for your kids
and if you're qualified to buy food.

Let's illustrate this with a live example:

Even if you're willing to take your vaccine and you're compliant with
all government rules, what if you're rejected at the gate in spite of
this?

Then you can go to court and sue a commercial enterprise for doing this
mistake – or for abusing their power, because you may be just a person
the owners dislike. Then you can sue them over years. And while this
time you cannot bring your kids to school and you cannot go to a
supermarket and buy food.

Sorry, this is way too much power to the wrong people.

While the pandemic the super rich became so much richer. And the
corporations' shares went through the roof.

It must be enough feeding them now. We need to take care of all those
people, who lost their business and who lost their loved ones in the
pandemic. Creating a power tool to suppress all resistance to the
government and handing over this tool to the corporate world will not
help here. And unfortunately, it does not matter how much good will and
intentions will be spend on this.

Yours,
VB.
-- 
Volker Birk, p≡p project
mailto:vb@pep-project.org
https://pep.software

v2.8.7 | Report a Bug | By Email