HL7AU - FHIR WG : Meeting SM TWG 2017-10-19

19 Oct 2017

Attendees

Agenda

• Certificate Policy Approaches
  • Certificate provided/referenced in Endpoint
  • Trust of NASH 
  • Criteria for Trust of Others
  • Certificate Authorities
  • Written process statements?
  • Certificate Revocation List

Minutes

• Support vendor allocated certificates
• Vendor certificates must contain target identifier
• Vendor certificates will be for vendor allocated target identifiers
• Allow multiple target identifiers in vendor allocated certificates
• Vendor certificate signed payload
  • MessageMetadataType: senderOrganisation (URI)
  • Verify the payload - obtain signing cetificate
  • Check certificate is trusted
    • CA Chain trust check
    • Check senderOrganisation is in the list of subject alternative names (URL) 

• ELS untrusted content
• Sender identify the party in certificate 
• Trust the ELS service + entries from vendors
• Encrypting the content for receiver
• Sender signing content 
• PractitonerRole + HealthcareService → Endpoint content trusted
• Allow vendor target identifier
• Match target identifier with certificate content (CN?)
• Endpoint contains encrypting certificate
• Signing certificates are for payload content
• MO examples target/sender https://ns.medical-objects.com.au/id/org/1.0/84CE59F6-4BC2-4643-ACA8-9479AA4525C6
• MO examples target/sender  https://ns.medical-objects.com.au/id/org/1.0/PracticeSomewhere^7266D13A-67EA-4416-8EF8-4A2534A8EC37^GUID

Action items

• Todo: Provider roles mapping SNOMED, NHSD
• Todo: Healthcare service roles mapping SNOMED, NHSD
• Todo: Enhanced examples 

•