[Openid-specs-heart] Confidentiality and sensitivity scopes: needs a bit more discussion and an example

Justin Richer jricher at mit.edu
Sat Jun 10 11:55:40 UTC 2017


We don't want to presume that all data is tagged and filterable. That was a 
big debate earlier on in the group and we decided, and I still believe, 
that that kind of data tagging is out of scope for here. That's why it 
says "where possible". If it's not possible to filter that data, you're 
not required to.

  -- Justin


On 6/9/2017 4:52 PM, Eve Maler wrote:
> I'm thinking that it wouldn't hurt to have a bit more disquisition on 
> this topic in the OAuth+FHIR spec. :-)
>
> Here's what the spec says 
> <http://xml2rfc.tools.ietf.org/cgi-bin/xml2rfc.cgi?modeAsFormat=html/ascii&url=https://bitbucket.org/openid/heart/raw/master/openid-heart-fhir-oauth2.xml#ConfidentialitySensitivity>:
>
> "This specification makes no assumptions regarding the ability of 
> resource servers to tag and filter data. A resource server that is 
> capable of filtering information MUST advertise this capability 
> through the use of these scopes. Resource servers SHOULD use this 
> access information to filter out data being returned to a client, if 
> possible. If an access token does not contain a given confidentiality 
> or sensitivity marker, the resource server SHOULD assume that the 
> client does not have access to that information and SHOULD apply 
> appropriate filters to the data, where possible."
>
> Maybe a more direct way to state the last sentence is that the RS 
> SHOULD filter data with such a scope (do we even need to say "where 
> possible"? what are the conditions for that?) as long as the scope 
> /was not granted/. And then we should give an example, so that the 
> consequences are brought home to the reader. Maybe even give the 
> converse example too.
>
> *Eve Maler*
> ForgeRock Office of the CTO | VP Innovation & Emerging Technology
> Cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl

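An added example, not part of either message or of the spec text, showing the behaviour the quoted paragraph describes together with its converse: a resource server withholds labelled data when the matching marker scope was not granted, releases it when it was, and passes untagged data through because it has nothing to filter on. The scope strings `conf/<code>` and `sens/<code>`, their mapping to FHIR `meta.security` codings, the `patient/Observation.read` scope and the sample resources are assumptions made for illustration.

```python
# Added illustration. Assumed: scope strings "conf/<code>" and "sens/<code>",
# and their mapping to FHIR meta.security codings from these two code systems.
CONF = "http://terminology.hl7.org/CodeSystem/v3-Confidentiality"
SENS = "http://terminology.hl7.org/CodeSystem/v3-ActCode"
SCOPE_PREFIX = {CONF: "conf/", SENS: "sens/"}


def required_markers(resource):
    """Scopes a token must carry before this resource may be released.

    An untagged resource yields an empty set: the RS has nothing to filter on,
    which is the "where possible" case discussed in the thread.
    """
    labels = resource.get("meta", {}).get("security", [])
    return {SCOPE_PREFIX[l["system"]] + l["code"]
            for l in labels if l.get("system") in SCOPE_PREFIX}


def filter_resources(resources, token_scope):
    """Return (released_ids, withheld) where withheld maps id -> missing markers."""
    granted = set(token_scope.split())
    released, withheld = [], {}
    for res in resources:
        missing = required_markers(res) - granted
        if missing:
            withheld[res["id"]] = sorted(missing)  # marker absent: assume no access
        else:
            released.append(res["id"])
    return released, withheld


def tagged(rid, *codings):
    """Build a constructed sample Observation with the given (system, code) labels."""
    return {"resourceType": "Observation", "id": rid,
            "meta": {"security": [{"system": s, "code": c} for s, c in codings]}}


# Constructed sample data, not taken from the thread or the spec.
SAMPLE = [
    {"resourceType": "Observation", "id": "obs-untagged"},
    tagged("obs-normal", (CONF, "N")),
    tagged("obs-restricted", (CONF, "R")),
    tagged("obs-substance", (CONF, "R"), (SENS, "ETH")),
]

if __name__ == "__main__":
    for scope in ("patient/Observation.read conf/N conf/R",
                  "patient/Observation.read conf/N conf/R sens/ETH"):
        print(scope, "->", filter_resources(SAMPLE, scope))
```

Labels from code systems the server cannot map to a scope are ignored here, so a deployment that wants to fail closed on unknown labels would need to treat them as missing markers instead.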

