No Revocation check on Certificates

[iamsilvio]

Page 5 of verifiable vaccination certificates - basic interoperability elements states:

A trust framework, including digital infrastructure, that is needed for establishing the
authenticity and validity of certificates presented by certificate holders.

Page 11 of Interoperability of health certificates
Trust framework states :

3.1.1.7 Health certificate revocation list (HCRL)
A system used by Country A for publishing information about revoked health certificates.
Each Country A shall publish one and only one aggregate list of all revoked health
certificates. Country A is responsible for putting its revoked certificates on the list and signing
it using one of its signing keys controlled by the PHA.

I do not see any implementation of a revocation check.

[SchulzeStTSI]

Hello @iamsilvio. Please consider the chapter in the certificate governance: https://github.com/eu-digital-green-certificates/dgc-overview/blob/main/guides/certificate-governance.md#33revocation-of-certificates "A CSCA SHOULD NOT use the Online Certificate Status Protocol (OCSP) for their DSCs, due to privacy concerns. Verifiers SHOULD NOT use OCSP for validation of the DSCs and SHOULD use CRLs." Means that this verifier app should never have such a feature in cause of privacy reasons. But to address your question I open a issue in the dgc lib (eu-digital-green-certificates/dgc-lib#52). This lib is integrated in the verifier services/backends which are able to perform such a revocation check.

[daniel-eder]

Closing this in favor of eu-digital-green-certificates/dgc-lib#52