We’re talking past one another, trying to solve different problems. I’m a software engineer by profession and I understand how public-key cryptography works. I also assumed you were not a software engineer because your comment didn’t make sense for the problem as I understand it.
The QR code contains a cryptographically signed attestation that “DanArmak” is vaccinated. Not “whoever displays this code is vaccinated”.
That works fine, and is the system used in Israel and proposed in some EU countries. But it’s not what I understand Zvi to be arguing for.
Zvi wants a system which doesn’t let verifiers identify the person in front of them, only learn that they’re vaccinated. He clarifies this in this comment.
If the QR proves “DanArmak is vaccinated”, then I also need to prove I’m DanArmak. E.g. by displaying a state ID. This lets verifiers track me, simply because they learn who I am and businesses regularly sell or share data on customers / visitors. The application verifying the QR codes can make this even easier—most businesses install the same verifier application, and it uploads info about the people whose IDs it verifies. IIUC, the US doesn’t have any privacy laws that would forbid private entities from collating, tracking, and selling such data, even without disclosure.
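The scheme described in the comment above, as an added sketch that is not part of the original thread or of any deployed system: an issuer signs the claim "DanArmak is vaccinated", and the verifier checks the signature and then the photo ID. It assumes the Python `cryptography` package and Ed25519; the function names, the JSON payload layout and the name "Mallory" are constructed for illustration.

```python
import json
from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PrivateKey

# Constructed issuer key pair; verifiers would only ever hold the public half.
ISSUER_KEY = Ed25519PrivateKey.generate()
ISSUER_PUB = ISSUER_KEY.public_key()


def issue(name: str) -> dict:
    """Issuer side: sign the claim '<name> is vaccinated' (the QR payload)."""
    claim = json.dumps({"name": name, "vaccinated": True}, sort_keys=True).encode()
    return {"claim": claim, "sig": ISSUER_KEY.sign(claim)}


def verify(qr: dict, name_on_id: str, visit_log: list) -> bool:
    """Verifier side: check the signature, then match the claim to the photo ID."""
    try:
        ISSUER_PUB.verify(qr["sig"], qr["claim"])
    except InvalidSignature:
        return False  # forged or altered payload
    claim = json.loads(qr["claim"])
    if not claim["vaccinated"] or claim["name"] != name_on_id:
        return False  # genuine code, but issued to someone else
    # To get this far the verifier had to read the holder's name;
    # nothing in the protocol stops the application from keeping it.
    visit_log.append(claim["name"])
    return True


def demo() -> dict:
    log = []
    qr = issue("DanArmak")
    # Same signature, name edited in the payload (constructed tampering case).
    edited = {"claim": qr["claim"].replace(b"DanArmak", b"Mallory"), "sig": qr["sig"]}
    return {
        "holder_with_own_id": verify(qr, "DanArmak", log),
        "copied_code_other_id": verify(qr, "Mallory", log),
        "edited_name": verify(edited, "Mallory", log),
        "verifier_log": log,
    }


if __name__ == "__main__":
    print(demo())
```

The signature stops copying and editing only because the claim names a person, and that same name is what ends up in the verifier's log.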
To clarify—the most humane, least risky use case that would satisfy these desiderata would be to have a modular system where we:
Verify off-site that DanArmak is vaccinated (or has allergies, or a heart condition, or is immunocompromised)
Verify on-site that you’re DanArmak
Give the user the option of sharing information with the state or local health department so they can contact you or your physician about virus exposure (not just covid), food poisoning, whatever.
This could be widely adapted to a variety of situations, depending on how rigorous one wants to be about verifying someone’s ID.
If we DO stick with apps, the best approach might be to give everyone a QR code (including those who haven’t gotten vaccinated or tested). Separately, provide multiple options for verifying the codes (strict verification of ID, census of how many people are vaccinated once capacity is exceeded, etc.).
Looks like some people may already be moving in this direction.
https://github.com/joelbcastillo/CS6903-Vaccine-Passport-Checker/tree/main/src/CS6903-Vaccine-Passport-Checker
Again, easier to implement if the software is open source.
Right, so whatever direction we go with this, it’s really important that the application be open source, as Jeffrey Zients has suggested, so that businesses can add on security features that identify the person.