Add technical expiry date

[kevonfernando]

It would be nice to have the technical expiry date of the certificate on the back of the card. That would further make a great place to have a link back to the website, for when users need to create a new pass for a new certificate. Also, does the pass itself expire with the certificate?

[JantsoP]

Well there is end date of all certificates on 30.6.2022 as mandated by EU and confirmed by Finnish Health Institute when I asked them about this few months back. On my instance, I have added the date. If the certificates get continued, they (Health institutes) will probably will update backends so when you go get new QR code, it has updated info.

[marvinsxtr]

I like the idea of having a link to the site on the back of the pass. Currently the passes do not have a technical expiry date from CovidPass's side but we could define it to be the one saved in the QR payload as described in the specification. I do not know what date they save in there though and how it affects the validity.

[marvinsxtr]

The specification states the following:

The Expiration Time (exp) claim SHALL hold a timestamp in the integer NumericDate format (as specified in RFC 8392 section 2) indicating for how long this particular signature over the Payload SHALL be considered valid, after which a Verifier MUST reject the Payload as expired. The purpose of the expiry parameter is to force a limit of the validity period of the health certificate. The Claim Key 4 is used to identify this claim. The Expiration Time MUST not exceed the validity period of the DSC.

As many do not even scan the code to verify the pass, it should definitely expire. This is also supported by Apple Wallet.

[Ein-Tim]

Please note the following:

There is this video shared by the BMG on Twitter, which says this:

[JantsoP]

For above: This is something I mentioned already on my own comment above :) https://github.com/covidpass-org/covidpass/issues/96#issuecomment-913686350

EDIT: I also made PR #43 about this, but it was declined.

[marvinsxtr]

Starting in February, certificates will expire after 9 months as recently announced by the EU commission.

[Ein-Tim]

@marvinsxtr Please note that this is only the case for intra-EU traveling, not necessarily also for entry to venues in Germany.

[marvinsxtr]

Do you have a suggestion of how we should handle this? I would like to align with CovPass Check and Corona-Warn-App here.

[Ein-Tim]

No idea how they will handle this, I opened issues reg. this: https://github.com/Digitaler-Impfnachweis/covpass-ios/issues/88 & https://github.com/corona-warn-app/cwa-wishlist/issues/726.

[marvinsxtr]

The link to CovidPass was added with #141