SafeTogether Protocols and Architectures

Committee Draft, 22 July 2020

To the extent possible under law, the editors have waived all copyright and related or neighboring rights to this work. In addition, as of 22 July 2020, the editors have made this specification available under the Open Web Foundation Agreement Version 1.0, which is available at http://www.openwebfoundation.org/legal/the-owf-1-0-agreements/owfa-1-0. Parts of this work may be from another specification document. If so, those parts are instead covered by the license of that specification document.

Status of This Document

This document is an incomplete draft. The sections that have been incorporated have been reviewed following the SafeTogether [Process]. However, the information in this document is still subject to change.

You are invited to contribute any feedback, comments, or questions you might have.

Contributors

Many people contributed to this specification; here is an incomplete list (please contact editor to add your name in this list):

Andrea Carmignani
Luca Merealli
Luca Mastrostefano
Luciano Baresi

Many thanks to all contributors in GitHub

1. Tracing System

These documents SHOLUD be taken into consideration for tracing domain :

**Note that DP-3T is not PEEP-PT**

Note: to say that a standard/protocol/specification must be taken into consideration, does not means that you have to adopt it, but it states that you know it and you are able to describe why you adopt it or not.

The Tracing reference application is made by the Covid Community Alert Team, the source code is available with open source license.

The architecture and the protocols for the Covid Community Alert reference application is described in the project documentation

Here are some protocol interactions:

2. Quarantine System

The Quarantine reference implementation is made by Keyless team using its zero knowledge biometric authentication see keyless resources

The source repository with Free Open Source License is available on request contacting covid@keyless.io.

3. Shielding System

The Shielding system adopts following standards and frameworks:

[verifiableCredentials] for credential definition standard made by W3C
[indy] a reference implementation for Self Sovereign Identity (SSI)
[aries] a shared, reusable, interoperable tool kit designed for initiatives and solutions focused on creating, transmitting and storing verifiable digital credentials
The Sovrin Foundation as an open source specification framework that implements SSI
The CovidCreds that propose a shared format for Covid Relate Verifiable Credential.

The Shielding reference implementation is made by g0v.it team using the DIZME platform kindly provided by Infocert

The architecture and the protocols for Shielding Reference application is described in the Shielding Project repository documentation

The main components of the Shielding System are summarized in following picture:

Conformance

Conformance requirements are expressed with a combination of descriptive assertions and RFC 2119 terminology. The key words “MUST”, “MUST NOT”, “REQUIRED”, “SHALL”, “SHALL NOT”, “SHOULD”, “SHOULD NOT”, “RECOMMENDED”, “MAY”, and “OPTIONAL” in the normative parts of this document are to be interpreted as described in RFC 2119. However, for readability, these words do not appear in all uppercase letters in this specification.

All of the text of this specification is normative except sections explicitly marked as non-normative, examples, and notes. [RFC2119]

Examples in this specification are introduced with the words “for example” or are set apart from the normative text with class="example", like this:

This is an example of an informative example.

Informative notes begin with the word “Note” and are set apart from the normative text with class="note", like this:

Note, this is an informative note.