Uploaded image for project: 'FHIR Specification Feedback'
  1. FHIR Specification Feedback
  2. FHIR-18445

How is the scope of a signature determined? - N-Infra #133

    XMLWordPrintableJSON

Details

    • Icon: Change Request Change Request
    • Resolution: Persuasive
    • Icon: Very High Very High
    • FHIR Core (FHIR)
    • STU3
    • FHIR Infrastructure
    • XML
    • Hide

      Will adjust the XML language as follow:

      This specification defines the following method for canonicalizing FHIR resources, when represented as XML:

      Each XML instance or fragment that is part of the collection being signed SHALL

      • Contain no white-space other than single spaces in attribute values and in the XHTML in the Narrative
      • Use default namespaces for the FHIR and XHTML namespaces
      • Omit all comments
      • Always use the Unicode character representation for any XML entities (e.g. ' instead of ")
      • Include the XML processing instruction <?xml version="1.0" encoding="UTF-8"?>
      • Using the XML canonical method Canonical XML 1.1   (http://www.w3.org/2006/12/xml-c14n11)

       

      Will change the JSON as follows:

      This specification defines the following method for canonicalizing FHIR resources, when represented as JSON:

      The signed set of fragments SHALL be transformed such that:

      • No whitespace is included other than single spaces in property values and in the xhtml in the Narrative
      • Properties are ordered alphabetically within each object
      • Multiple fragments are concatenated with no intervening white-space in the order defined by the element with the Signature data type.
      Show
      Will adjust the XML language as follow: This specification defines the following method for canonicalizing FHIR resources, when represented as XML: Each XML instance or fragment that is part of the collection being signed SHALL Contain no white-space other than single spaces in attribute values and in the XHTML in the  Narrative Use default namespaces for the FHIR and XHTML namespaces Omit all comments Always use the Unicode character representation for any XML entities (e.g.  '  instead of  " ) Include the XML processing instruction  <?xml version="1.0" encoding="UTF-8"?> Using the XML canonical method  Canonical XML 1.1   ( http://www.w3.org/2006/12/xml-c14n11 )   Will change the JSON as follows: This specification defines the following method for canonicalizing FHIR resources, when represented as JSON: The signed set of fragments SHALL be transformed such that: No whitespace is included other than single spaces in property values and in the xhtml in the  Narrative Properties are ordered alphabetically within each object Multiple fragments are concatenated with no intervening white-space in the order defined by the element with the Signature data type.
    • John Moehrke/Grahame Grieve: 6-0-0
    • Clarification
    • Compatible, substantive
    • R5

    Description

      Comment:

      For example if signing a Provenance, we want all of the resource versions that are pointed to be part of the signature - but what defines that? Also, does each resource have an XML declaration or only the first? Are the strings for the resources concatenated with no whitespace between them before being signed? And when signing a Bundle or content from an extension, the element(s) signed can vary

      Summary:

      How is the scope of a signature determined?

      Attachments

        Activity

          People

            GrahameGrieve Grahame Grieve
            lloyd Lloyd McKenzie
            Watchers:
            4 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: