From 34be1b95c62f84b12f213a72cd2fe59d43d6b4d6 Mon Sep 17 00:00:00 2001 From: Marco Pashkov Date: Tue, 19 May 2020 23:04:04 -0700 Subject: [PATCH] correction --- solution_architecture.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/solution_architecture.md b/solution_architecture.md index 0055082..1ea2644 100644 --- a/solution_architecture.md +++ b/solution_architecture.md @@ -63,7 +63,7 @@ The flow for using the app is as follows, referencing the steps from *Figure 2*: - **Step 2:** The samples are transported to the lab (together with a “Probenbegleitschein”, which has a machine-readable QR code on it, as well as multiple other barcodes (lab ID, sample IDs). - **Step 3:** As soon as the test result is available (i.e. the samples have been processed), the software running locally in the lab (lab client) transmits the test result to the Laboratory Information System, together with the GUID from the QR code. The Laboratory Information System hashes the GUID and the test result. It is made available to the Verification Server through a REST interface. - **Step 4a:** After signing up for notifications in step 1, the user’s phone regularly check on the Verification Server whether test results are available (polling, figure 3, steps 5-8). This way, no external push servers need to be used. If results are available, the user is informed about the availability of information and only after opening the app, the result is displayed, together with recommandations for further actions (see scoping document for more details). -- In case the test returned a positive result, users are asked to upload their keys to allow others to find out that they were exposed. If the users agree, the app retrieves a short-lived token (TAN) from the Verification Server (see also *Figure 3*, steps 6-8). The TAN is uploaded together with the diagnosis keys of up to the last 14 days to the Corona-Warn-App Server (*Figure 3*, step 12). +- In case the test returned a positive result, users are asked to upload their keys to allow others to find out that they were exposed. If the user agrees, the app retrieves a short-lived token (TAN) from the Verification Server (see also *Figure 3*, steps 6-8). The TAN is uploaded together with the diagnosis keys of up to the last 14 days to the Corona-Warn-App Server (*Figure 3*, step 12). - The Corona-Warn-App Server uses the TAN to verify the authenticity (*Figure 3*, steps 13-15) of the submission with the Verification Server. - The TAN is consumed by the Verification Server and becomes invalid (*Figure 3*, step 14) - If the Corona-Warn-App Server receives a positive confirmation, the uploaded diagnosis keys are stored in the database (*Figure 3*, step 16).