J Collett wrote: >>You can scan a handsigned referral and sign that with a location >>certificate and store it in a database and throw away the paper. For >>documents that have never existed as paper a smartcard solution is >>appropriate and you would be hard pressed to find anyone in the >>security community to support using location certificates. >> >> > >How do you sign the scanned doco with your HeSA Individual certificate? >I've looked in various scanning s/w and also some of the EHRs that scan and >can't see how. Does this not need to be programmed in by the vendors? > >I asked this of the, then, HIC Manager for PKI and Information Standards in >approximately 2002 and was told you have to then email the scanned doco to >yourself, thereby being able to sign it with your key. > > > >>Duncan needs to store a PKI signed version of the referral in his >>database and then its fine. It needs to be signed with a smartcard, or >>else receptionists could generate legal referrals at will. >> >> > >If the EHR allowed you to sign a letter you produced (without having to >email it) and sign incoming scanned docos, this would be quite beneficial in >Duncan's circumstances (as I think I already pointed out in a previous >post). > > I can't see how this is a solution to anything. Duncan can sign any old crap and say it is a valid referral but there is no cryptographic or even logical proof of anything except that he once signed it.
David -- SIP [EMAIL PROTECTED] NodePhone +61 7 31290168 Jabber [EMAIL PROTECTED]
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Gpcg_talk mailing list [email protected] http://ozdocit.org/cgi-bin/mailman/listinfo/gpcg_talk
