Verifiable Health Link, published by IHE IT Infrastructure Technical Committee. This guide is not an authorized publication; it is the continuous build for version 0.0.2-current built by the FHIR (HL7® FHIR® Standard) CI Build. This version is based on the current content of https://github.com/IHE/ITI.VHL/ and changes regularly. See the Directory of published versions

• Narrative Content
• XML
• JSON
• TTL

Requirements: Verify Document Signature

Official URL: https://profiles.ihe.net/ITI/VHL/Requirements/VerifyDocumentSignature				Version: 0.0.2-current
Active as of 2025-09-19				Computable Name: VerifyDocumentSignature

The VHL Receiver, upon receiving a digitally signed health document from a VHL Sharer, MAY verify the document's digital signature using previously retrieved PKI material.

This verification process confirms the authenticity, integrity, and provenance of the document independently of the Verified Health Link (VHL) itself.

The public key used for this verification MAY:

• Originate from a different trust network than the one used to validate the VHL
• Be unrelated to the key used to validate the VHL signature

Implementers SHOULD consult cross-profile guidance regarding interoperability with the IHE Document Digital Signature (DSG) profile, particularly in cases where additional attestation, long-term non-repudiation, or multi-party signatures are involved.

Publisher	IHE IT Infrastructure Technical Committee
Contact Email	No contact email has been registered.
Jurisdiction
Statements	Steps in the requirement: Extract Signature and Key ID : Upon receipt of a digitally signed health document, extract signature, key id, and participant code. Lookup DSC : Lookup Document Signing Certificate (DSC) public key by key id and participant code Verify Signature : Verify signature using the public key
Derived from	This requirement is not derived from another requriement.
Derivatives	This requirement has the following derivatives:
Participating Actors	VHL Receiver