IETF Logo Mail Archive

Re: [urn] Request for a Namespace Registration for Unique (Vaccination) Certificate Identifier

Dirk-Willem van Gulik <dirkx@webweaving.org> Wed, 11 August 2021 11:26 UTC

Return-Path: <dirkx@webweaving.org>
X-Original-To: urn@ietfa.amsl.com
Delivered-To: urn@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 31AA93A11D4 for <urn@ietfa.amsl.com>; Wed, 11 Aug 2021 04:26:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id asjLPvK-4ode for <urn@ietfa.amsl.com>; Wed, 11 Aug 2021 04:26:55 -0700 (PDT)
Received: from weser.webweaving.org (weser.webweaving.org [148.251.234.232]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 546963A11D0 for <urn@ietf.org>; Wed, 11 Aug 2021 04:26:52 -0700 (PDT)
Received: from smtpclient.apple (94-210-134-94.cable.dynamic.v4.ziggo.nl [94.210.134.94]) (authenticated bits=0) by weser.webweaving.org (8.16.1/8.16.1) with ESMTPSA id 17BBPMvO081505 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Wed, 11 Aug 2021 13:25:25 +0200 (CEST) (envelope-from dirkx@webweaving.org)
X-Authentication-Warning: weser.webweaving.org: Host 94-210-134-94.cable.dynamic.v4.ziggo.nl [94.210.134.94] claimed to be smtpclient.apple
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.100.0.2.22\))
From: Dirk-Willem van Gulik <dirkx@webweaving.org>
In-Reply-To: <b74e2e97-3fd3-d24a-3844-4b6ffef821d1@mozilla.com>
Date: Wed, 11 Aug 2021 13:25:14 +0200
Cc: urn@ietf.org, the eHEALTH-NETWORK Secretariat <eHEALTH-NETWORK@ec.europa.eu>
Content-Transfer-Encoding: quoted-printable
Message-Id: <36DA5C85-D4D9-4257-9050-304E0BB2C714@webweaving.org>
References: <3053F7E9-7C6A-4AAB-AC87-63DC1D6A58D7@webweaving.org> <b74e2e97-3fd3-d24a-3844-4b6ffef821d1@mozilla.com>
To: Peter Saint-Andre <stpeter@mozilla.com>
X-Mailer: Apple Mail (2.3654.100.0.2.22)
X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.6.2 (weser.webweaving.org [148.251.234.232]); Wed, 11 Aug 2021 13:25:25 +0200 (CEST)
Archived-At: <https://mailarchive.ietf.org/arch/msg/urn/Md4BKrb2bLdx3fEVaOf3axIZ9BQ>
Subject: Re: [urn] Request for a Namespace Registration for Unique (Vaccination) Certificate Identifier
X-BeenThere: urn@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Revisions to URN RFCs <urn.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/urn>, <mailto:urn-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/urn/>
List-Post: <mailto:urn@ietf.org>
List-Help: <mailto:urn-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/urn>, <mailto:urn-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 11 Aug 2021 11:26:58 -0000

On 11 Aug 2021, at 01:07, Peter Saint-Andre <stpeter@mozilla.com> wrote:
> On 8/1/21 7:37 AM, Dirk-Willem van Gulik wrote:
>>      Version: 1.01
> 
> This is the version of the registration with IANA, not the version of
> the documentation. Thus this should be "1" and if in the future the
> registrant submits an updated registration, it should be incremented.

Thank you - corrected in the next version of this document.

...

>> the ECC public keys for (offline) signare validation and key revocation.
> 
> s/signare/signature/

Thanks. Fixed.

>> For this reason the design[2] calls for a Unique (Vaccination) 
>> Certificate Identifier (UVCI) that uniquely identifies a specific test, 
>> vaccination or recovery certificate. 
...
> However, the foregoing paragraph seems to indicate that a URN would
> identify a test, vaccination, or recovery certificate. That could be
....
> administered, etc.) - that is, not one URN per person encapsulating
> numerous events in an array or what have you. That also doesn't seem
> quite consistent with this later paragraph:
> 
>> The UVCI pertains to a specific (medical) record about a specific 
>> person’s vaccination, test or recovery at event level [1,2]. This 
>> record is subject to national legislation and regulation.
> 
> Could you clarify this aspect?

You are correct - this is wrong and badly written. 

It is an identifier  for a specific assertion (e.g. this person was 
vaccinated; this  person was tested) rather than something tied to 
the person; it is inside the elements of arrays of such assertions
 about 'a' vaccination, test or recovery statement*.

We've tried to clarify this in the next version of the draft.

With kind regards,

Dw.

* Earlier versions of the design called for a 'per event' identifier; e.g. 
  one for every shot in a sequence -- but while desirable for some of the 
  business rules countries wanted to apply on inbound - this turned out 
  to be impractical given the date available in practice).

v2.23.0 | Report a Bug | By Email