On Wednesday 06 December 2006 23:08, Mario Ruiz wrote: > Ross, > > I'm happy for you to kickoff, lets get going. > > Mario > > Ross Davey wrote: > > If the participants would like, I would be pleased to start the ball > > rolling by preparing a short discussion paper on the different options > > for implementing digital signing. This would cover issues of whether > > the entire HL7 message is signed, whether the atomised data is signed, > > whether the individual OBX segments are signed, whether the facsimile of > > the document is separately signed, whether the signing should be > > agnostic to wvwn whether the payload is HL7 or other messaging formats > > etc etc. > > This should encourage some lively debate and hopefully give us some rich > > food for thought.. The HL7 standards already spell out exactly how messages should be encapsulated with both X.509 and OpenPGP. This neatly matches the existing RFCs around encryption of RFC838 messages. Simply put, they advocate signing the whole message, and you can sign any MIME object, not just HL7. (Interestingly, the chapter starts with an excellent polemic against the Web Services hype, which I dearly wish I could quote to the list)
It seems utterly pointless to re-invent the wheel here, as you are not proposing a new cryptosystem, nor a new payload format, just mixing them up in a different way. Ian
pgpHdsPxMctDh.pgp
Description: PGP signature
_______________________________________________ Gpcg_talk mailing list [email protected] http://ozdocit.org/cgi-bin/mailman/listinfo/gpcg_talk
