Revoked certificates still shown as valid in CovPassCheck #28
Comments
|
Hey Treysis, sorry for the late response! Is this still an issue? With the Release of 1.13 the certificates should be blocked :-) Thank you for your feedback! |
|
Hello @alexcimander The Swiss app correctly shows this certificate as invalid. |
|
Hey Treysis, the CovPass blocked certificates from entities that we were advised to block. There are still some that will be accepted. The Adolf Hitler certificate is one of the ones that are still scanable. However we are working on a further prevention and we might block more certificates that were issued erroneously. We will keep you updated 👍 |
|
Thx. Why is it so slow, though? Those certificates leaked end of October. Italy and Switzerland are already blocking them since shortly after. |
|
Yes the Mickey mouse certificate at least is still valid in the CoronaWarnApp. We were told to report it here corona-warn-app/cwa-documentation#751 For more Certs to revoke see here https://github.com/denysvitali/covid-cert-analysis/blob/master/RESULTS.md#samplesmickeymousetxt |
|
Mickey Mouse has also been revoked by Tous Anti COVID (France). What is the rational for delaying revocations already performed by other countries? |
Avoid duplicates
Technical details
Describe the bug
The fraudulent QR codes that leaked 1-2 weeks ago are still validated by CovPassCheck. Other check apps (e.g. the Swiss Covid Certificate Check) correctly mark them as revoked. The database of CovPassCheck says it has been updated today.
Steps to reproduce the issue
Expected behaviour
The QR codes should be reported as invalid.
Possible Fix
Additional context
The text was updated successfully, but these errors were encountered: