Hacker News new | ask | show | jobs
Keys used to sign EU Digital Covid Certificates may have been leaked (twitter.com)
14 points by tarl0s 1692 days ago
1 comments
noodlesUK 1692 days ago
Is there any indication which country’s keys were leaked, and if so, just one key, or many?

The EU DCC spec is decentralized, so it is very unlikely that more than one country got owned.

link
raxxorrax 1692 days ago
But depending on the reader apps for verification the result might be the same when they just check for a valid European signature.

Honestly, I don't really mind that because I am not really a fan of vaccination certificates for an extended period of time.

edit: Seems to be fixed, so the key probably wasn't leaked.

link
NoPie 1692 days ago
Still shows valid in my covid19verify app (from Latvia) that was just auto-updated with the latest public keys.

Maybe the update is not complete and takes longer time for some countries. Or the app does not check for revocation lists etc. I don't know the technical details.

link