-
Notifications
You must be signed in to change notification settings - Fork 344
[Business Rules Validation]Business Rules "passed" not displayed in "open status screen" when some schema versions do not match #679
Comments
An unpleasant additional problem ... different EU vaccination certificates with different QR codes for one and the same vaccination and person! Please verify. There are different EU vaccination paper certificates (1) for one and the same vaccination of the same person, which can or lead to different results when the certificate is checked by the CWA with regard to entry requirements! (1): EU certificates with "QR code left and text right" (old) and "text left and QR code right" (new). Technical details:Samsung Galaxy Note 10, SM-N970F/DS Describe the problem:I have two different EU vaccination certificates for myself (with identical dates); once in the 'version old' (QR code on the left and text on the right corona-warn-app/cwa-app-android#3514 (comment)) and once in the 'version new' (text on the left and QR code on the right; see PS below); downloaded from my account at the local vaccination center. Due to @vaubaehn's post, I have tested my two scanned EU vaccination certificates ('version old' and 'version new', each certificate from sheet 2/2, BionTech) with the entry date "09.08.2021T14:00:00Z" for the Netherlands and get different results! Result (EU vaccination certificate, 'version old' (QR code on the left and text on the right)): Result (EU vaccination certificate, 'version new' (text on the left and QR code on the right)): Steps to reproduce the issue:For the EU certificate 'version old' (QR code on the left and text on the right):
For the EU certificate 'version new' (text on the left and QR code on the right):
Selecting the certificates: Additional context:I cannot check and evaluate what is normal, wrong or right here - in this respect I would like my post to be understood as a reference to be checked. However, it might be helpful to have a hint for the user that says which of his EU vaccination certificates - if the user has several - should be used. At the moment it seems clear: the newer (currently the one with the “text on the left and QR code on the right” (new); see above) should be used. Possible Fixes:Due to the different sizes of the QR codes (hopefully there are more unique version numbers in the QR code or similar) between "QR code left and text right" (old) and "text left and QR code right" (new) it could be determined which version the scanned EU vaccination certificate is. A note could be derived from this stating that the EU vaccination certificate should be renewed. Derived from the size of the QR code (or clearer version differences), the standard QR code displayed / used by CWA could be the most current / valid in each case. Alternatively, it would also make sense to simply advise the user to delete their old QR codes. However, these should then be marked in some way. ... Overall, however, I cannot evaluate whether my mentioned 'possible fixes' represent sensible, permanent solutions. In this sense, best regards, Joachim. PS: The Links “DCC Certificate of Recovery“, ”DCC Test Certificate“ and “DCC Vaccination Certificate” in https://github.com/Digitaler-Impfnachweis/certification-apis/tree/master/templates are actually wrong: error 404. |
It is to be expected if an EU digital vaccination certificate is reissued, that it will have a different QR code. That is because the date of issue will be different (not the date of vaccination) and that date is included in the QR code. Also each valid certificate is individually signed. The reason that you are getting different results for the check with the Netherlands is probably because the older certificate is using the 1.0.0 scheme and the newer one is using 1.3.0. The simplest workaround is to remove any older vaccination certificates from CWA and just leave the newest 2 of 2 certificate in the app. You don't need any older certificate. It would be better for you to post your issue as a separate new one. It is actually more related to corona-warn-app/cwa-app-android#3838. The CovPass-App currently also chooses the first certificate which was scanned in. See Digitaler-Impfnachweis/covpass-android#57.
You should report this issue in the https://github.com/Digitaler-Impfnachweis/certification-apis repository. |
@vaubaehn Thank you very much for the detailed bug report: Internal Tracking ID: EXPOSUREAPP-8909 |
Thanks for information. It is understandable that there are newer versions of the EU vaccination card from time to time. But if older versions lead to the above-mentioned test result "Your certificate could not be fully checked", I will stick to my 'Possible Fixes:' in #679 (comment).
... with appropriate information.
From my point of view, the easiest way is not the best here. Especially if further 'newer' vaccination certificates are expected in the future.
I think this point is already dealt with extensively there. But is that just an Android problem only?
|
that's right. But there is a workaround to sort the EU certificates:
Result: the EU certificate scanned first is shown as the 'Standard Certificate'. This works under CWA 2.6.1 as well as under CovPass 1.28.7. Best regards, Joachim. |
@vaubaehn I guess this was not fixed in the meantime, was it? |
Avoid duplicates
Technical details
Describe the bug
When DCCs are validated against the business rules of countries of arrival (CoA), CWA (and other wallet apps) need to show an "open status screen", when at least one rule could not be validated due to schema version mismatch between DCC schema version and business rule schema version. For example, as of today (07.08.2021) the Netherlands are providing business rules for vaccination certificates with schema version 1.3.0, while many vaccination certificates in Germany have been issued with schema version 1.0.0. In result, CWA currently shows for vaccination DCCs (issued before July 1st) an "open status screen" when validating against NL business rules, where every business rule is displayed for the vaccination certificate to be able (for human beings) to verify, if every rule nevertheless is compliant with requirements for vacc. DCCs set up by the NL health authorities.
But now NL added some rules for test certificates (TR-NL-0005, TR-NL-0006), where the schema version is set to "1.0.0", while other business rules for test DCCs are still schema version "1.3.0".
All business rules with schema version 1.3.0 are resulting in a status "open", and they are displayed accordingly in CWA's validation information screen. But rules that pass validation with status "pass", are not shown at all.
It would be expected, that in case some rules pass but other rules are "open" that CWA shows all rules with their related DCC content, so that the human user is able to validate its complete DCC against information found on https://reopen.europa.eu .
By the way: the other way round it's working well: when one rule fails while all other rules are "open", then CWA shows all results correctly (failed rules on top, open rules below), see #671 (comment). So "fail/open" is correct, "pass/open" is not correctly displayed.
Steps to reproduce the issue
Expected behaviour
When checking validity of DCC against Netherland rules between/for entry time between 09.08.2021T10:01:00Z and 10.08.2021T10:00:00Z, the rule TR-NL-0006 should be displayed as either "passed" or also as "open", when using DCC you find above.
Possible Fix
Align logic to display validation results with mixed rules "pass/open" to the logic "fail/open".
Additional context
You'll find the related NL business rules here:
Acceptance_Rules-NL-20210806.json.txt
Pay attention to rules TR-NL-0006 (for antigen test used here) and TR-NL-0005 for NAAT.
Internal Tracking ID: EXPOSUREAPP-8909
The text was updated successfully, but these errors were encountered: