You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Apr 14, 2021. It is now read-only.
Private keys of daily keypairs that are older than the epidemiologically relevant time span (specifically, four weeks) can be destroyed. The Luca Server removes all such encrypted private keys for all Health Departments. Furthermore, the Health Department Frontend removes all locally stored copies of such private keys.
How can Luca guarantee the removal / deletion of locally stored daily key pairs at the Health Departments? I assume that Health Departments could in theory store a copy of those keys forever or simply not log into the HD Frontend for any given time, hence preventing deletion.
It is my understanding that Health Departments and governmental organizations can create an archive of all Daily Keypairs ever used and store it outside Luca's system for eternities. Is this correct?
The text was updated successfully, but these errors were encountered:
Naturally, the system cannot guarantee that health departments do not compromise the daily keypair private keys which are entrusted with the health department. For that very reason, this keypair is rotated daily.
Check-Ins on the Luca Server are additionally encrypted by the Venue Owner. So any single such private key provides access to Check-Ins of a limited time span that were specifically shared with a Venue Owner's consent for a contact tracing.
Additionally, the Luca Server deletes Check-Ins that are older than four weeks.
Sign up for freeto subscribe to this conversation on GitHub.
Already have an account?
Sign in.
You are stating
How can Luca guarantee the removal / deletion of locally stored daily key pairs at the Health Departments? I assume that Health Departments could in theory store a copy of those keys forever or simply not log into the HD Frontend for any given time, hence preventing deletion.
It is my understanding that Health Departments and governmental organizations can create an archive of all Daily Keypairs ever used and store it outside Luca's system for eternities. Is this correct?
The text was updated successfully, but these errors were encountered: