Release notes for v3.0.0 - wrong reason for no certificate light for 2G #366
Comments
|
Thanks for your question, I absolutely agree that this phrasing is confusing and could have been clearer. When saying "to guarantee data protection" the question is: which data to you want to protect? There are two main sets of critical data:
The current certificate light protects both. As you correctly stated in #367 one approach would be to have a completely separate cert-light-2G. That's possible, but takes longer to implement than the 2G/3G mode switch (which itself was already a rush in 2 weeks). Other approaches, like adding a flag As a sidenote, you may also want to consider the following questions (Stichwort Risikofolgenabschätzung):
To get back to the "guarantee data protection" part: in order to guarantee data protection in 3G I don't see how you can adapt the existing cert light to work in 2G while having the same properties. In other words, this sentence in the release notes is about stating that the focus currently lies on not weakening the data protection in 3G. I hope that explains the reasoning behind that sentence. Personally I absolutely agree that a second cert-light-2G would be nice, we can track this in #367. |
|
Thank you for the fast and very detailed answer and also sharing the thoughts and trade-offs considered in the design. Appreciated! |
Release notes for v3.0.0 (https://github.com/admin-ch/CovidCertificate-App-Android/releases/tag/v3.0.0-3000001-verifier) claims
Reason "to guarantee data protection" for not allowing a certificate light in 2G mode seams wrong.
Currently, in a 2G situation the certificate full is needed. This reveals much more information than necessary to check for 2G. Consequence: currently no data protection at all is available in a 2G situation.
Please clarify this in the release note.
The text was updated successfully, but these errors were encountered: