* It's really not acceptable that the source code of #CovPass and #CovPassCheck is not yet published. https://github.com/Digitaler-Impfnachweis/documentation/issues/6
Those apps used in the wild as of yesterday and you cannot really study or verify them yet. I'd really like to check implementation details of the certificate validation in them... 😕
Also (assuming they build reproducibly) they should be made available through f-droid, ideally identical with the upstream developers signature but veryfied to build from the published sources by an independent party. This is not possible without published sources obviously.
We did manage to do the right thing with #CWA. Why is it so hard to keep doing that? 😠
@Bubu In France the problem is the same, but we already know that the implementations leaks to much personal data
@rami Dann werd ich mir mal https://github.com/eu-digital-green-certificates/dgca-verifier-app-android anschauen.
chaos.social – a Fediverse instance for & by the Chaos community