covid-alert-server VS cfssl

If you're curious, the source code is here: App: https://github.com/cds-snc/covid-alert-app Server: https://github.com/cds-snc/covid-alert-server

The apps themselves in Canada at least are open source (server) and have been peer reviewed by third parties and anybody in the community who was interested, a few things were fixed that way. I can not comment on other countries.

C'mon, dude, the server code is literally linked from the repo I just showed you.

This link https://github.com/cds-snc/covid-alert-server#data-usage provides an example of how you could quantify the data download amounts, as it it based on the number of exposure keys that folks upload. As noted in the article, it's not that high, so the data usage would be minimal. Even with 100% adoption, you're still talking very low bandwidth usage, and there's no need for real-time data, it works quite happily on wifi/etc once a day.

Here is the source code for the go microservices that run the key-server https://github.com/cds-snc/covid-alert-server

and the backend server https://github.com/cds-snc/covid-alert-server.

cfssl is kinda outright better version of that.

The Cloudflare SSL tools at https://github.com/cloudflare/cfssl might help. Here's what it shows for one of the example Snake Oil certs:

I've used this in the past and it worked great. https://github.com/cloudflare/cfssl

The first step is to create the source key that represents our user. This key is created using a tool like openssl but another popular tool to use is cfssl, created by Cloudflare. Some folks think cfssl is easier to use, and it definitely looks easier to script. But for this example we will use openssl. You can also choose to create the key using a number of different algorithms. For this example we will use ED25519.

TLS/SSL worked well with client certificates generated by the CFSSL API.

Not sure if relevant but we used tooling from CloudFlare in the past: https://github.com/cloudflare/cfssl