Call me crazy, but ...
Стефан Васильев
stefan.vasilev at posteo.ru
Thu Jul 15 16:36:54 CEST 2021
Andrew Gallagher wrote:
>> On 14 Jul 2021, at 23:52, Стефан Васильев via Gnupg-users
>> <gnupg-users at gnupg.org> wrote:
>>
>> It would tell me as 3rd party that for WoT puposes, if this is still
>> used,
>> Alice and her good friend Bob were able to sign their pub keys
>> remotely,
>> based on a free of charge verification method.
>
> That’s what ordinary third-party sigs do. Adding medical data to a
> public key does not add anything to the process.
If it would be only medical data you are correct! But, and here a big
but,
this medical data contains the full name and birthday of the certificate
holder *digitally signed* by EU *authorities* in this field while the
cert
holder had to show his *valid* ID-card to the issuer.
> You should also beware that medical information is treated as
> sensitive personal data under GDPR, and this subject to stricter
> rules. Keyserver operators already have enough legal issues handling
> ordinary personal data (email addresses etc) without adding
> vaccination certificates to the dataset.
As I said a duplicate key is not meant for keyserver distribution and
if this should happen by accident, well than it happened. No one can
be sued about this. It is or was only said in some news that one should
not publish such QR-codes on social media.
Regards
Stefan
More information about the Gnupg-users
mailing list