Details
-
Change Request
-
Resolution: Persuasive
-
Highest
-
US Da Vinci PAS (FHIR)
-
1.2.0-ballot [deprecated]
-
Financial Mgmt
-
Withdrawn
-
Formal Specification
-
5.3
-
-
Bob Dieterle / Celine Lefebvre: 12-0-0
-
Clarification
-
Compatible, substantive
Description
Does this sentence "PAS Servers SHOULD support server-server OAuth and MAY support mutually authenticated TLS"
conflict with the DV P&S principles which state:
When the identity of the requesting or receiving party is important, implementations SHOULD use one or more of the following as defined in the specific Da Vinci IG:
the SMART on FHIR Framework ,
mutually authenticated TLS ,
the ONC FHIR At Scale Taskforce (FAST) security tiger team recommended solutions, or
the OAuth Server to Server Authentication as defined in the Bulk Data exchange IG.
Attachments
Issue Links
- is voted on by
-
BALLOT-32623 Negative - Celine Lefebvre : 2022-May-FHIR IG PAS R2 STU
- Retracted
- mentioned in
-
Page Loading...