White Space Trimming of the DCC Json payload

[psavva]

Some countries (GR so far) have produced Payloads which include trailing spaces within the json payload values.

eg: space "mp": "EU/1/20/1528 "
Notice the empty space after the 1528.

1000s of such certificates are uncovered by foreigners causing invalidations,

Recommendation is to trim all whitespaces when executing business rules validations in the verifier apps

[psavva]

Dear TSi

Any update on this issue, we have some 1000s of Greek DCC affected, and it's causing issues for our validators in Cyprus.

[daniel-eder]

@psavva brought this to the attention of our developers again to find out how to proceed with this

[psavva]

Hi @daniel-eder, any news?

[daniel-eder]

@psavva I did not receive any update on it yet, but I am bringing it up again today

[psavva]

@daniel-eder, we still facing this issue, and would really need advise how to proceed as we are utilizing the Template applications.
We can go ahead and implement a fix ourselves, but i'm not certain that it should be done.

Please may I ask that this is reviewed, we have raised this impacting issue almost a month ago, with no response from TSi developers.

@SchulzeStTSI Please can you advise on this?

[daniel-eder]

@psavva The latest update I got is that this issue was reviewed and a developer suggested a potential fix / way forward.
Apparently this was not approved yet, but I just requested that the persons involved look at it again or provide a status update.

[daniel-eder]

Our developers just brought me up to speed, the android app uses https://github.com/ehn-dcc-development/dgc-business-rules/tree/main/certlogic for the validation and they are working with the assumption that the whitespace cleanup happens or should happen in that libarary.

@dslmeinte can you weigh in on this? Should we move the issue over there, or are additional steps necessary before handing over data to the library? Thank you for your help!

[psavva]

@daniel-eder Any updates? Whitespace cleanup isn't happening, of course :)

[dslmeinte]

@daniel-eder Sorry, I missed the ping.

Any whitespace cleanup should be part of the standardised DCC framework. Specifically, it should be defined in a new version of this document: https://ec.europa.eu/health/sites/default/files/ehealth/docs/covid-certificate_json_specification_en.pdf
If whitespace cleanup is made part of the framework, it should be done for backward compatibility only: issued DCCs should adhere to the standard as much as possible. Even with proper standardisation, we're potentially enlarging the problem beyond those couple of Ks of DCCs because parties might come to rely on the whitespace cleanup, despite a backward compatibility notice.

Is re-issuing those couple of Ks of DCCs an option?

[daniel-eder]

@dslmeinte thank you for your input, it makes sense to introduce this on a spec level and not just ad hoc.
@psavva I'll bring it up with our people that work with the spec, but in order for it to be seriously considered and discussed, it would be good to lobby for it from your end as well