Comments (6)
Making a note here on how I think we should define a wallet.
Defining a "Wallet"
To clear up terminology, let's define a "Wallet" as an entity on a device that has private keys (and therefore a unique Long-Form DID).
This definition covers the following use cases:
- User has the same app installed on several devices - Reasonably expect each app to have separate private keys (if they are stored locally, otherwise that's out of scope). Note this relies on including the wallet's DID in a
$HealthWallet.connect
call, since havnig the same client_id (same app) makes it ambiguous which wallet is which (given assumptions below on only callingconnect
ONCE). See issue #34 I reference/created above - User has multiple apps installed on the same device - Definitely have separate private keys, since they are separate apps
The expectation should be that patients/users can have multiple wallets connected to the same issuer/lab account. There isn't anything in the spec that explicitly prohibits that.
Note on Sharing Wallets
Note a user might have multiple lab accounts (Read: Shares their phone/wallet with another person), and connect them all to the same "Wallet". Issuers should handle having the same DID attached to multiple distinct users (note multiple users doesn't 100% correspond to multiple fhirUser
resource representations, since multiple RelatedPerson
users could be the same user in the Issuer's system).
Note on Linking Individual Patients
For the workflow of user/patient being different, issuers will need to be prepared to support some sort of granular user-wallet-patient scoping (note the order there). Here's how that might look:
- A given user may have generic access to 2 patients (maybe including themselves), Patients A and B
- The user conducts a SMART on FHIR launch with their wallet, and logs in with Patient A in context (launch/patient scope)
- The wallet calls the
$HealthWallet.connect
operation behind Patient A'sPatient/:id
path - The issuer (if it verifies the request) does the following:
- Links that wallet generically to the logged in user's account
- Specifically links that wallet only to Patient A, which would give this wallet authorization to receive VCs for Patient A
- Later on the user launches the same wallet from the context of Patient B
- The wallet attempts to call
$HealthWallet.issueVc
without callingconnect
- In response, the request should fail, most appropriately with the
no-did-bound
error code - In a correct workflow, the wallet would call
$HealthWallet.connect
operation behind Patient B'sPatient/:id
path, and the issuer may potentially have special handling to say "Hey I know this DID for this user, let's just edit the existing permissions for that DID instead of making a brand new link."
from health-cards.
Also, the presentationContext
parameter is said to be required, but isn't in the example requests.
See the $HealthWallet.issueVc
operation definition:
The
credentialType
andpresentationContext
parameters are both required. By default, the issuer will decide which identity claims to include based on the requestedpresentationContext
.
I'm planning to edit this section in a PR anyway to address the above issue, so I can work on this as well. Is there an example I can use (with maybe more explanation) OR is this not actually a defined field?
from health-cards.
I'm planning to edit this section in a PR anyway to address the above issue, so I can work on this as well. Is there an example I can use (with maybe more explanation) OR is this not actually a defined field?
presentationContext
is something we've stripped away for now. (The idea was to define different contexts with different minimum data sets required -- and I think eventually we might want to do this, but to start, it's better to focus on "store a health card, share a health card".) If it's still mentioned in the spec, it's an error.
from health-cards.
"Hey I know this DID for this user, let's just edit the existing permissions for that DID instead of making a brand new link."
I'm not sure what this implies; how is the process or outcome for "edit[ing] the existing permissions" different than "making a brand-new link"?
from health-cards.
As noted at #21 (comment), I'm happy with these changes as long as we make it clear that it's OK for issuers to only support a single link for each Patient ID, clearing out previous links when connect
is called on a given Patient ID.
from health-cards.
Wallet binding is no longer part of the spec since #64 .
from health-cards.
Related Issues (20)
- Clarification re multiple QR codes HOT 15
- Request change to use only NIST IAL Levels 1, 2, and 3. HOT 2
- Publish reference implementation of card parser HOT 2
- Java implementation of Jws HOT 1
- specify version 22 HOT 8
- Examples are not generating HOT 3
- Error related to generationg certificates HOT 4
- QR code FAQ link broken HOT 3
- Governance needs to be clarified HOT 2
- Release Tagging lax
- Create new github release matching spec's changelog version HOT 3
- Golang "swiss army knife" for smart health cards HOT 2
- Optional exp field to be honoured by verifiers HOT 2
- Can I get clarification on the section "Every Health Card can be embedded in a QR code" HOT 1
- Clarification of computation of `rid` HOT 3
- Clarification on how to encode a QR code HOT 1
- Clarification of examples/allowable data HOT 4
- Document sample certificate-generating script HOT 1
- Rationale for inclusion of kid in recommended revocation id generation scheme HOT 5
- Response code 404 (Not Found) HOT 13
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from health-cards.