Specifics of encrypting sealed bids #231
Comments
Bjwebb
added
help wanted
Focus - Extensions
|
The bid is quite complex structure in regards to encryption. Something as complex as field level encryption will be applied. It is because different information that bid consist of will be released in different moment of time. I.e. The initial price has to be revealed when auction starts. The MEAT cbid parameters should be revealed when auction starts and only to auction module. But author of the bid and documents cannot be revealed until auction ends. Ideally until auction is started the number of bidders should be protected. But the way to achieve this is more complex then individual bid encryption. After we add Lots extension the bid encryption becomes one magnitude more complex since each lot will have its own set of properties to encrypt (auctions for every lot take place in different moment of time). |
|
Thanks @myroslav It seems to me that if OCDS is to tackle this, we're going to need to do quite a bit more work reviewing existing solutions etc. to this kind of problem out there. I've just sent around an e-mail to start exploring whether we can prioritise that kind of research. |
|
There have been no updates on this issue since 2015. Closing. |
The general approach to encryption in an OCDS file is being discussed at #226 (e.g. what metadata format should be used, what ciphers etc.). However, there are also some specific questions relating to how to implement sealed bids (the main known use case atm*), that may be independent of the encryption/metadata scheme.
For example:
(*Note that bids are not currently in the OCDS standard, but are being used by Prozorro, and there are plans to develop a bid extension #197 to standardise this).
The text was updated successfully, but these errors were encountered: