  1. FHIR Specification Feedback
  2. FHIR-34039

Clarify mutual TLS expectations

Details

    • Change Request
    • Resolution: Persuasive with Modification
    • Medium
    • US Da Vinci HRex (FHIR)
    • current
    • Clinical Interoperability Council
    • (NA)
    • Will align with RFC8705 with the constraints indicated in Lloyd's comment. We will require that OAuth tokens are tied to the client's certificate (and are therefore not shareable).

      Will indicate that mutual TLS support is mandatory but that systems may, with site-to-site negotiation, choose to use UDAP instead.
    • Bob Dieterle / Jay Lyle : 13-0-0
    • Clarification
    • Non-compatible

    Description

      There are multiple ways to accomplish mutual TLS, some of which include optional steps.  We need to make clear what our expectations are.

      Alternatives:

      https://www.ietf.org/rfc/rfc2246.html#appendix-F.1.1

      https://datatracker.ietf.org/doc/html/rfc8705
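
The certificate binding that the resolution takes from RFC 8705, seen from the resource server's side, as an added example that is not part of the ticket or the HRex specification: the access token carries the SHA-256 thumbprint of the client's certificate in `cnf` / `x5t#S256`, and the server compares it with the certificate presented on the mutual TLS connection. The function names and the sample certificate bytes are constructed for illustration, and the token's signature is assumed to have been verified already.

```python
import base64
import hashlib
import hmac
from typing import Optional, Tuple


def cert_thumbprint(der_cert: bytes) -> str:
    """RFC 8705 section 3.1: base64url(SHA-256(DER certificate)), no padding."""
    digest = hashlib.sha256(der_cert).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")


def token_bound_to_cert(claims: dict, der_cert: Optional[bytes]) -> bool:
    """True only if the token's cnf thumbprint matches the presented certificate."""
    if not der_cert:
        return False  # no client certificate on the TLS connection
    cnf = claims.get("cnf")
    expected = cnf.get("x5t#S256") if isinstance(cnf, dict) else None
    if not isinstance(expected, str):
        return False  # unbound token: rejected, since binding is required here
    actual = cert_thumbprint(der_cert)
    return hmac.compare_digest(expected.encode(), actual.encode())


def authorize(claims: dict, der_cert: Optional[bytes]) -> Tuple[int, Optional[str]]:
    """Hypothetical helper: (HTTP status, OAuth error code) for a resource request."""
    if token_bound_to_cert(claims, der_cert):
        return 200, None
    return 401, "invalid_token"  # RFC 8705 section 3 response on mismatch


# Constructed stand-ins for DER certificates. In a real server these bytes come
# from the TLS layer, e.g. ssl.SSLSocket.getpeercert(binary_form=True).
CLIENT_A_DER = b"constructed DER bytes for client A"
CLIENT_B_DER = b"constructed DER bytes for client B"

# Claims of a token the authorization server issued to client A over mutual TLS.
TOKEN_FOR_A = {"sub": "client-a", "cnf": {"x5t#S256": cert_thumbprint(CLIENT_A_DER)}}
UNBOUND_TOKEN = {"sub": "client-a"}

if __name__ == "__main__":
    print(authorize(TOKEN_FOR_A, CLIENT_A_DER))    # holder of the bound certificate
    print(authorize(TOKEN_FOR_A, CLIENT_B_DER))    # same token presented by another client
    print(authorize(UNBOUND_TOKEN, CLIENT_A_DER))  # token without a cnf claim
```

The second call is the "not shareable" property from the resolution: a token copied to a client holding a different certificate fails the thumbprint comparison.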

          People

            Unassigned
            lloyd Lloyd McKenzie