Add helpers to easily fetch public keys from the Italian trustlist
lmammino opened this issue · comments
If we aim to get formal approval from Italian authorities as a good library to use for DGC parsing and validation I think it could make sense to implement functionality for easily populating a Trustlist
using the Italian APIs.
It seems that the 2 main endpoints for that are:
- https://get.dgc.gov.it/v1/dgc/signercertificate/update (get a public key by KID - to be confirmed)
- https://get.dgc.gov.it/v1/dgc/signercertificate/status (get a list of all the active KIDs)
At first thank you for sharing this convenient API. I might suggest to keep in mind that you could try to get the public keys from one of several European countries, in case you can not get formal approval from Italy. I figured out that the German CovPass-Check app uses this endpoint: https://de.dscg.ubirch.com/trustList/DSC/
Both the Italian and the German endpoints provide kids/certificates for several European countries. I found the kid used for my own (German) vaccination certificate in both the Italian and the German endpoints. The German endpoint also tells you which issuer public key belongs to which country, so you actually know, which countries are supported. I suppose the Italian endpoint is providing exactly the same KIDs.