Verifiable Health Link
0.0.2-current - ci-build International flag

Verifiable Health Link, published by IHE IT Infrastructure Technical Committee. This guide is not an authorized publication; it is the continuous build for version 0.0.2-current built by the FHIR (HL7® FHIR® Standard) CI Build. This version is based on the current content of https://github.com/IHE/ITI.VHL/ and changes regularly. See the Directory of published versions

ActorDefinition: Trust Anchor

Official URL: https://profiles.ihe.net/ITI/VHL/ActorDefinition/TrustAnchor Version: 0.0.2-current
Active as of 2025-06-16 Computable Name: TrustAnchor

An authorized organization in the trust framework that manages and distributes PKI material—such as public key certificates and revocation lists—to participants in the network. It ensures that this material is trustworthy and available, enabling VHL Sharers and VHL Receivers to verify digital signatures and authenticate the origin of shared data.

Publisher No publisher has been registered.
Contact Email No contact email has been registered.
Jurisdiction 001
Capability Statements This actor fufills the following capabilities:
  • Trust Anchor :

    CapabilityStatement for Trust Anchor Actor in the IHE IT Infrastructure Technical Framework Supplement IHE VHL. An authorized organization in the trust framework that manages and distributes PKI material—such as public key certificates and revocation lists—to participants in the network. It ensures that this material is trustworthy and available, enabling VHL Sharers and VHL Receivers to verify digital signatures and authenticate the origin of shared data.
Requirements This actor fulfills the following requirements:
  • Distribute PKI Material:

    Upon receipt of public key material from a VHL Sharer or VHL Receiver, the Trust Anchor SHALL validate, organize, sign, and expose the PKI material as part of a trusted, canonical trust list.

    This signed trust list enables all participants in the VHL trust network to verify digital signatures and establish secure connections in accordance with the governance policies of the Trust Anchor.

  • Provide PKI material:

    Upon receiving a Retrieve PKI Material request, the Trust Anchor SHALL validate the request and respond with appropriate public key material.

    This MAY include:

    • Public key certificates, trust chains, or JWKS structures
    • Revocation data (CRL or OCSP)
    • Usage metadata (e.g., key type, scope, intended usage)

    The Trust Anchor SHALL only respond with validated and trustworthy material in accordance with the governance policies of the VHL trust framework.