proposal: omit the last bullet from this section:
When the signature is an JSON Digital Signature (contentType = application/jose), the following rules apply:
- The Signature.data is base64 encoded JWS-Signature RFC 7515: JSON Web Signature (JWS)
- The signature is a Detached Signature (where the content that is signed is separate from the signature itself)
- When FHIR Resources are signed, the signature is across the Canonical JSON form of the resource(s)
- The Signature SHOULD use the hashing algorithm SHA256. Signature validation policy will apply to the signature and determine acceptability
The Signature SHALL include a "CommitmentTypeIndication" element for the Purpose(s) of Signature. The Purpose can be the action being attested to, or the role associated with the signature. The value shall come from ASTM E1762-95(2013). The Signature.type shall contain the same values as the CommitmentTypeIndication element.
Rationale: There is no "CommitmentTypeIndication" element in JWS. Nor as far as I can tell a corresponding element. you could add a private header parameter name.