Verifiable Health Link
0.0.2-current - ci-build
Verifiable Health Link, published by IHE IT Infrastructure Technical Committee. This guide is not an authorized publication; it is the continuous build for version 0.0.2-current built by the FHIR (HL7® FHIR® Standard) CI Build. This version is based on the current content of https://github.com/IHE/ITI.VHL/ and changes regularly. See the Directory of published versions
Active as of 2025-06-16 |
<Requirements xmlns="http://hl7.org/fhir">
<id value="VerifyDocumentSignature"/>
<text>
<status value="generated"/>
<div xmlns="http://www.w3.org/1999/xhtml"><p class="res-header-id"><b>Generated Narrative: Requirements VerifyDocumentSignature</b></p><a name="VerifyDocumentSignature"> </a><a name="hcVerifyDocumentSignature"> </a><p>These requirements apply to the actor <a href="ActorDefinition-VHLReceiver.html">VHL Receiver</a></p><table class="grid"><tr><td><b><a name="extract-signature-keyid"> </a></b>Extract Signature and Key ID</td><td/><td><div><p>Upon receipt of a digitally signed health document, extract signature, key id, and participant code.</p>
</div></td></tr><tr><td><b><a name="lookup-DSC"> </a></b>Lookup DSC</td><td/><td><div><p>Lookup Document Signing Certificate (DSC) public key by key id and participant code</p>
</div></td></tr><tr><td><b><a name="verify-signature"> </a></b>Verify Signature</td><td/><td><div><p>Verify signature using the public key</p>
</div></td></tr></table></div>
</text>
<url
value="https://profiles.ihe.net/ITI/VHL/Requirements/VerifyDocumentSignature"/>
<version value="0.0.2-current"/>
<name value="VerifyDocumentSignature"/>
<title value="Verify Document Signature"/>
<status value="active"/>
<date value="2025-06-16T13:14:26+00:00"/>
<publisher value="IHE IT Infrastructure Technical Committee"/>
<contact>
<telecom>
<system value="url"/>
<value value="https://www.ihe.net/ihe_domains/it_infrastructure/"/>
</telecom>
</contact>
<contact>
<telecom>
<system value="email"/>
<value value="iti@ihe.net"/>
</telecom>
</contact>
<contact>
<name value="IHE IT Infrastructure Technical Committee"/>
<telecom>
<system value="email"/>
<value value="iti@ihe.net"/>
</telecom>
</contact>
<description
value="The [VHL Receiver](ActorDefinition-VHLReceiver.html), upon receiving a digitally signed health document from a [VHL Sharer](ActorDefinition-VHLSharer.html), MAY verify the document's digital signature using previously retrieved PKI material.
This verification process confirms the authenticity, integrity, and provenance of the document independently of the Verified Health Link (VHL) itself.
The public key used for this verification MAY:
* Originate from a different trust network than the one used to validate the VHL
* Be unrelated to the key used to validate the VHL signature
Implementers SHOULD consult cross-profile guidance regarding interoperability with the [IHE Document Digital Signature (DSG) profile](https://profiles.ihe.net/ITI/TF/Volume1/ch-37.html), particularly in cases where additional attestation, long-term non-repudiation, or multi-party signatures are involved."/>
<jurisdiction>
<coding>
<system value="http://unstats.un.org/unsd/methods/m49/m49.htm"/>
<code value="001"/>
</coding>
</jurisdiction>
<actor
value="https://profiles.ihe.net/ITI/VHL/ActorDefinition/VHLReceiver"/>
<statement>
<key value="extract-signature-keyid"/>
<label value="Extract Signature and Key ID"/>
<requirement
value="Upon receipt of a digitally signed health document, extract signature, key id, and participant code."/>
</statement>
<statement>
<key value="lookup-DSC"/>
<label value="Lookup DSC"/>
<requirement
value="Lookup Document Signing Certificate (DSC) public key by key id and participant code"/>
</statement>
<statement>
<key value="verify-signature"/>
<label value="Verify Signature"/>
<requirement value="Verify signature using the public key"/>
</statement>
</Requirements>