Divide-By-0
commented
4 months ago The parsing logic can be found here: https://github.com/zk-passport/proof-of-passport/tree/main/registry
The key download sites are here: https://download.pkd.icao.int/
Open Divide-By-0 opened 5 months ago
Divide-By-0
commented
4 months ago The parsing logic can be found here: https://github.com/zk-passport/proof-of-passport/tree/main/registry
The key download sites are here: https://download.pkd.icao.int/
foolo
commented
4 months ago As a preparation, I think we need to extend the database structure for this. At the moment there are only DomainSelectorPair and DkimRecord (each DomainSelectorPair has many DkimRecords). So we should think about what would be the best solution here.
foolo
commented
3 months ago foolo
commented
3 months ago Florent, [2024-06-15 17:46] you can see the latest version of our code to parse certificates from the ICAO list here: https://github.com/zk-passport/proof-of-passport/tree/dev/registry
Florent, [2024-06-15 17:47] And we recently shipped this map that for now only contains DSCs but will soon contain CSCAs https://map.proofofpassport.com/ For context there are two levels of certificates, top ones (CSCAs) and intermediate ones that sign passports (DSCs)
https://github.com/zk-passport/proof-of-passport/tree/dev/registry Florent, [2024-06-15 17:49] by running the scripts here you should be able to get all the certificates, DSCs and CSCAs from the ICAO registry. It’s on the dev branch
We can make this a more general public key registry, by also supporting ICAO country public keys. This will require making some scripts to hit and parse those URLs, and also noting all existing keys as RSA and the new keys as ECDSA/RSA etc as needed. Note that while many keys are on ICAO's PKD, many are on country-specific sites.