Hello all

This is a useful discussion - I am much more with Karsten than Gerard on
this - all the 'proofs' in the world amount to nothing in the digital
world - as things can be altered at any point anyway. The GnuMed trust
solution does get some way towards this.

The technical solutions offered at the moment really do not match the
reality and until we have working EHR systems and integration, these sorts
of debate need to stay in the background. They do not really impinge greatly
on the EHR requirements.

But keep it up!

Sam Heard

> -----Original Message-----
> From: owner-openehr-technical at openehr.org
> [mailto:owner-openehr-technical at openehr.org]On Behalf Of Karsten Hilbert
> Sent: Sunday, 15 September 2002 6:57 PM
> To: Gerard Freriks
> Cc: David Guest; Openehr-Technical; Ton Smit
> Subject: Re: Archetype ontology
>
>
> 1) How do I know that the passphrase I typed in to be used for
>   the secret key is used to sign what I see on screen and
>   nothing else ?
>
> 2) How does the court know that a signed screenshot was
>    actually shown on screen and not just fabricated and never
>    shown ? (It is my responsibility to _inspect_ what is being
>    shown but I cannot prove that signed "screenshots" were
>    actually displayed (on current-day systems).)
>
> This isn't about 100% proof, this is about level of trust,
> feasibility, deniability and due process. Even with signing
> screenshots.
>
> Or did I miss something ?
>
> Since it is my responsibility to carefully inspect the
> on-screen information I could just as well extend that view to
> that it is my responsibility to use a system that I can trust
> to show me what is actually in the database. Thusly I could
> just as well sign database content. Gerard himself remarked
> that we cannot sign that anyone actually reviewed any
> information, only that it was made available. The latter can
> be at the level of a screenshot - or at the level of database
> content. After all it is my responsibility to inform myself
> no matter where I get the information from. Say, I am using an
> SQL shell and sign screenshots of my queries. Does this mean I
> am not liable for the anaphylactic reaction just because I
> didn't do the query for the known penicillin allergy ?!?
> Obviously not, although I understand your position to be: "It
> hasn't been shown to me hence I am not to blame." What other
> purpose might a signed screenshot serve ? To shift blame to
> the EHR software manufacturer ?
>
> Lastly, one simple question. How does TNO propose to handle
> the audit trail of signed screenshots simply in terms of
> storage requirements ?
>
> > Making a hash of a screen dump indicates: This is the information as I saw
> > it on a screen and take responsibility for it by signing.
> Nah, I doubt you really believe in the coherency of this
> statement. A screendump merely shows what a screen _may_ have
> looked like.
>
> Karsten Hilbert
> --
> GPG key ID E4071346 @ wwwkeys.pgp.net
> E167 67FD A291 2BEA 73BD  4537 78B9 A9F9 E407 1346
> -
> If you have any questions about using this list,
> please send a message to d.lloyd at openehr.org
