Details
- Change Request
- Resolution: Persuasive
- Highest
- SMART on FHIR (FHIR)
- 2.0.0
- FHIR Infrastructure
- (NA)
- Josh Mandel/Rick Geimer: 17-0-0
- Clarification
- Non-substantive
Description
A strict reading of this statement prohibits out-of-band communication of sensitive information, and communication to anything other than the actual server; for example, a generated password cannot be communicated to the administrator of the client system via telephone.
Clarify the scope of the statement.
Existing Wording:
Apps SHALL ensure that sensitive information (authentication secrets, authorization codes, tokens) is transmitted ONLY to authenticated servers, over TLS-secured channels.
(Comment 9 - imported by: Ron G. Parker)
Issue Links
- is voted on by
  - BALLOT-46622 Affirmative - Ron G. Parker : 2023-Jan-HL7 FHIR IG SMART APP LAUNCH R2 STU (Closed)
  - BALLOT-47257 Affirmative - Joan Harper : 2023-Jan-HL7 FHIR IG SMART APP LAUNCH R2 STU (Closed)
  - BALLOT-47370 Affirmative - Elliot Silver : 2023-Jan-HL7 FHIR IG SMART APP LAUNCH R2 STU (Closed)
  - BALLOT-47410 Affirmative - Ken Sinn : 2023-Jan-HL7 FHIR IG SMART APP LAUNCH R2 STU (Closed)
  - BALLOT-47449 Affirmative - Harsh Sharma : 2023-Jan-HL7 FHIR IG SMART APP LAUNCH R2 STU (Closed)