Uploaded image for project: 'FHIR Specification Feedback'
  1. FHIR Specification Feedback
  2. FHIR-42648

Please document use cases for NDH Secure Exchange Artifacts extension

XMLWordPrintableJSON

    • Icon: Change Request Change Request
    • Resolution: Persuasive with Modification
    • Icon: Medium Medium
    • National Directory of Healthcare Providers and Services (NDH) (FHIR)
    • 1.0.0-ballot
    • Patient Administration
    • NDH Exchange Endpoint Profile
    • Exchange Artifacts
    • 27.151.1
    • Hide

      Add guidance that this extension should only be used when the standard for exchange requires the discovery of a public key.

      Show
      Add guidance that this extension should only be used when the standard for exchange requires the discovery of a public key.
    • Bob Dieterle / Ming Dunajick: 5-0-1
    • Clarification
    • Non-substantive

      There is next to no documentation in the IG for this extension, making it very difficult to evaluate its efficacy and appropriate usage. 

      The NDH Secure Exchange Artifacts extension carries a certificate and some metadata for it. But the use cases for when this extension would be needed are not documented; please do so. What does it mean to associate a certificate with an Endpoint? You don't need an SSL server cert, as you get that in the TLS handshake. You don't need a signing cert for SAML assertions or JWTs in messages, as those are typically carried in the signatures or made available via existing methods like this for SMART: https://hl7.org/fhir/uv/bulkdata/authorization/index.html#registering-a-smart-backend-service-communicating-public-keys.

            Unassigned Unassigned
            jlamy Joseph M. Lamy
            Joseph M. Lamy
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: