A few observations about digital vaccination certificates:

* It's really just a static QR code, you can import it into your app, but you can also make a picture of it and save it into your phones gallery. Or carry the original paper copy around.
* This unfortunately means it's easy to "steal" other peoples certificates by just scanning their code when they have it open in their app.
* The certificate will not be for your name but will that *always* be verified?


One benefit of storing the certificate inside CWA/CCTG instead of having it as a picture on your phone is that it's harder to access by other apps. If you run untrusted apps on your phone (i.e. installing stuff from playstore instead of foss apps by trusted developers through a trusted distribution channel) then this might be a preferable option.

· · Web · 0 · 2 · 5
Sign in to participate in the conversation

chaos.social – a Fediverse instance for & by the Chaos community