How to _not_ submit history of IDs from the last N days to any DB

[kozmaf]

server should not learn anything besides who is infected, ideally not even that

We believe it's possible to achieve this by anonymously broadcasting directly to contacts:

• without any server, so no broadcasting any list of IDs to a public DB
• without revealing your own identity
• without knowing your contacts' identities

and should address most of the issues remaining, such as compromise on random IDs vs random ID per timeslot, cloning and impersonation.

Outline here; we're starting on an implementation now. Feedback welcome.