Verifiable Health Link
0.0.2-current - ci-build International flag

Verifiable Health Link, published by IHE IT Infrastructure Technical Committee. This guide is not an authorized publication; it is the continuous build for version 0.0.2-current built by the FHIR (HL7® FHIR® Standard) CI Build. This version is based on the current content of https://github.com/IHE/ITI.VHL/ and changes regularly. See the Directory of published versions

Requirements: Submit PKI Material

Official URL: https://profiles.ihe.net/ITI/VHL/Requirements/SubmitPKIMaterial Version: 0.0.2-current
Active as of 2025-06-16 Computable Name: SubmitPKIMaterial

When a VHL Sharer or VHL Receiver generates a new public-private key pair for use within the VHL trust network, they SHALL submit the corresponding public key material to the Trust Anchor for validation and inclusion in the trust list.

The submission MAY include metadata to support categorization of key usage (e.g., digital signatures, encryption, mTLS) and business or operational context.

Publisher IHE IT Infrastructure Technical Committee
Contact Email No contact email has been registered.
Jurisdiction
Statements Steps in the requirement:
  1. Generate Private-Public Key Pair :

    Generate one or more private-public key pairs for use within the VHL trust network. Key pairs SHOULD be scoped to specific usage contexts (e.g., signing, encryption, or mTLS) and MAY be categorized by business domain or participant role.

  2. Prepare Submission Metadata :

    Include relevant metadata to support validation and categorization. This MAY include:

    • Intended key usage
    • Organizational identifier or participant reference
    • Certificate validity period
    • Trust path information (e.g., issuing CA)
  3. Submit to Trust Anchor :

    Submit the public key material and associated metadata to the Trust Anchor using the designated secure channel for validation and trust list inclusion.

  4. Support Future Distribution :

    Ensure that the submitted PKI material can be validated, signed, and distributed by the Trust Anchor to other trust network participants through Distribute PKI Material.
Derived from
Derivatives This requirement has the following derivatives:
Participating Actors