I issued my own certificate template using the sample data on cert-tools and cert-issuer. I just changed the cert-logo and the tittle of the certificate. So I used cert-issuer in regtest mode and then took the signed .json an uploaded it on blockcerts verifier.
My surprise was that the certificate was 4-step verified(Format, Hash, Status, Verified), so can anyone explain me why this happens?
Because some folks could just fake tittles just changing the logo and the University name, no? Or this just happens because it is in regtest?
Thank you, this is an excellent question that I want to highlight. Here is an example of a regtest certificate:
It you upload this to the universal verifier, you’ll see the message “This is a valid Regtest certificate”.
We allow partial verification of test issuing modes (regtest, testnet, …) but note that this is only partial: it’s not checking revocation status, authenticity, etc. It does, however, ensure that the certificate has not been tampered with, so if you changed the logo, university name, etc that would fail. Partial verification is useful for implementers to ensure everything is ok before the real issuance, which costs money.
While Blockcerts issuers and verifiers are aware of this through documentation and guidance, I certainly agree that your impression of this will be common. I.e. I think we should make it a lot clearer that, which it’s a valid test certificate, it should not be considered an official issuance. It seems straightforward to achieve this by adding an extra sentence clarifying the intent of test-mode verifications (i.e. for implementors and testing only), that it is checking only that the certificate is well-formed, and that it should not be considered a valid official record.
Thanks again for bringing this up – I think this definitely points to a need for clarification in our UI.
I’m agree with you that it will be helpful to explain this concepts a little bit more for further developers but I understand is a recent project and you guys are actually doing a great job.
Thank you very much for the clarification about how works the verification in the test modes.