Details
-
Change Request
-
Resolution: Persuasive
-
Medium
-
US PACIO Advance Directive Interoperability (FHIR)
-
0.1.0
-
Patient Empowerment
-
STU
-
Security, Privacy, and Consent
-
-
Corey Spears/Virginia Lorenzi : 10-0-0
-
Clarification
-
Non-substantive
Description
The IG says this:
- The exchange of information SHOULD use the current version and SHALL use either current or the immediately prior release of Transport Level Security (TLS) as specified by the current release of NIST guidelines (SP 800-52).
SHOULD use current (1.3), SHALL use either prior (1.2) or current (1.3) ... as specified by SP 800-52.
But Guidelines for the Selection, Configuration, and Use of Transport Layer Security (TLS) Implementations (nist.gov) says: SHALL support 1.2 and SHOULD support 1.3.
So, if an implementer followed your recommendation and only used the current version of TLS, they would be out of compliance with 800-52. Right?
I'd encourage you to merely point to external guidance.
Attachments
Issue Links
- is voted on by
-
BALLOT-27203 Negative - Christopher Schaut : 2022-Jan-FHIR IG PACIO ADI R1 STU
- Withdrawn
-
BALLOT-30446 Negative - Chris Courville : 2022-Jan-FHIR IG PACIO ADI R1 STU
- Withdrawn
-
BALLOT-30471 Negative - Cooper Thompson : 2022-Jan-FHIR IG PACIO ADI R1 STU
- Withdrawn
-
BALLOT-30511 Negative - David Sundaram-Stukel : 2022-Jan-FHIR IG PACIO ADI R1 STU
- Withdrawn
-
BALLOT-30553 Negative - Thanos Tsiolis : 2022-Jan-FHIR IG PACIO ADI R1 STU
- Withdrawn
-
BALLOT-30578 Negative - Amit Popat : 2022-Jan-FHIR IG PACIO ADI R1 STU
- Withdrawn
-
BALLOT-30603 Negative - Daniel Rutz : 2022-Jan-FHIR IG PACIO ADI R1 STU
- Withdrawn
-
BALLOT-30628 Negative - Michael Clifton : 2022-Jan-FHIR IG PACIO ADI R1 STU
- Withdrawn
-
BALLOT-30421 Negative - Vassil Peytchev : 2022-Jan-FHIR IG PACIO ADI R1 STU
- Balloted
-
BALLOT-30653 Negative - Isaac Vetter : 2022-Jan-FHIR IG PACIO ADI R1 STU
- Balloted
-
BALLOT-31818 Negative - Daniel Zhang : 2022-Jan-FHIR IG PACIO ADI R1 STU
- Balloted