Cwa-documentation: Alternative software allowed to interface with backend?

Hello @t3sserakt ,

thank you for your input. We will look into that and get back to you soon.

Best,

KM

According to #62 and corona-warn-app/cwa-server#82, device attestation will not be used. The back-end should therefore accept any client that abides by the access protocols. Or am I missing anything?

According to #62 and corona-warn-app/cwa-server#82, device attestation will not be used. The back-end should therefore accept any client that abides by the access protocols. Or am I missing anything?

We discussed that before here. There is some limitation of the Google API for creating Tokens. However a ESP Atmel Microcontroller with Bluetooth might be used to fake a cell phone. The ESP has a WiFi interface and one can think about a Android VM that is used to generate the tokens.

I think this can be done very very easy.

If you want to have clients that don't use the GAEN (Google / Apple Exposure Notification) API, they would still need to be compatible on the Bluetooth-End. The Bluetooth spec and the crypto spec are public.
On a first glance, that should be enough for a clean-room implementation.

@svnk Yes, and that's discussed e.g. here: https://github.com/corona-warn-app/cwa-app-android/issues/75

As mentioned https://github.com/corona-warn-app/cwa-documentation/issues/169#issuecomment-636122152 device attestation is not being used, so in principal, clients should be able to interface with the backend. If there are any concrete issues when doing that, please open a dedicated issue in the CWA server repository.