Difference between revisions of "Entity Statement"

From MgmtWiki
Jump to: navigation, search
(Solutions)
(Solutions)
Line 13: Line 13:
 
| Entity Statement ||HL7 capability|| X.509 certificate||DID Document || Notes
 
| Entity Statement ||HL7 capability|| X.509 certificate||DID Document || Notes
 
|-
 
|-
| n/a || persistent URI|| version 3|| || Document ID - may include status & url to this or current version of doc
+
| n/a || persistent URI|| ver 3, Serial No.||@context || Document ID - may include status & url to this or current version of doc
 
|-
 
|-
 
| federation?|| imports || || || higher level doc included by reference
 
| federation?|| imports || || || higher level doc included by reference

Revision as of 12:19, 11 October 2019

Full Title or Meme

A digital document that describes a digital Entity typically signed by a trusted issuer or Authority.

Context

On the Identity Management page different roles are defined for Entities.

Problems

Solutions

Quite a few structures have been defined to describe entities. The Entity Statement created in the OpenID Connect Federation document is taken as be base for comparison with several others in the table below.

Entity Statement HL7 capability X.509 certificate DID Document Notes
n/a persistent URI ver 3, Serial No. @context Document ID - may include status & url to this or current version of doc
federation? imports higher level doc included by reference
n/a s/w app name may include status & a human readable description of function
software very specific software version (GUID?) incl. trade name, release date
iss publisher The entity identifier of the issuer of the statement may incl. contact
scope? use context
grant? purpose EKU
jurisdiction who's laws apply?
sub The entity identifier of the subject
iat date published The time the statement was issued.
exp Expiration time when the statement MUST NOT be used for new signatures
jwks public part of the subject entity's signing keys
authority_hints entities that may issue an entity statement about the issuer entity
metadata protocol specific metadata claims
metadata_policy type followed by organization information
metadata type kind of app overall purpose of this type of installation
policy instantiates uri of detailed description (level confusion)
sub_is_leaf is the subject considered a leaf entity
org implementation Legal entity incl contact, uri. not very exact correspondence (level confusion)
response mode rest How the request & response are put into http incl. security choices
messaging needs to be part of good implementation support
documentation seems out-of-place?
federation s/w app PKI self ID context

HL7 FHIR Capability Statement

The FHIR spec include a definition of a Resource Capability Statement. Which is similar in purpose to the Entity Statement but includes FHIR specific fields. To quote the spec "A Capability Statement documents a set of capabilities (behaviors) of a FHIR Server for a particular version of FHIR that may be used as a statement of actual server functionality or a statement of required or desired server implementation.".

References