<p dir="ltr">The way it was explained to me ... standards/profiles are not really final until they go through interoperability and have proven implementations.</p>
<p dir="ltr">Its good standards practice. I understand that openid connect went through 2 Implementers draft and 3 interoperability testing before they became final . (John B please correct me if I have those stats wrong )</p>
<p dir="ltr"> </p>
<div class="gmail_quote">On Nov 23, 2015 6:28 PM, "Moehrke, John (GE Healthcare)" <<a href="mailto:John.Moehrke@med.ge.com">John.Moehrke@med.ge.com</a>> wrote:<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div bgcolor="white" lang="EN-US" link="blue" vlink="purple"><div><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">so, not being an OpenID expert… yet someone that wants to inform the healthcare ‘security interested’ community…<u></u><u></u></span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">What does “implementers draft” and ‘not’ mean? Is there a specification somewhere that speaks to the lifecycle of openID specifications?<u></u><u></u></span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">John<u></u><u></u></span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p><div><div style="border:none;border-top:solid #b5c4df 1.0pt;padding:3.0pt 0in 0in 0in"><p class="MsoNormal"><b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif";color:windowtext">From:</span></b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif";color:windowtext"> Justin Richer [mailto:<a href="mailto:jricher@mit.edu" target="_blank">jricher@mit.edu</a>] <br><b>Sent:</b> Monday, November 23, 2015 5:26 PM<br><b>To:</b> Moehrke, John (GE Healthcare); Eve Maler<br><b>Cc:</b> <a href="mailto:openid-specs-heart@lists.openid.net" target="_blank">openid-specs-heart@lists.openid.net</a><br><b>Subject:</b> Re: [Openid-specs-heart] HEART Agenda 2015-11-23<u></u><u></u></span></p></div></div><p class="MsoNormal"><u></u> <u></u></p><p class="MsoNormal" style="margin-bottom:12.0pt">Eve is correct -- we are very specifically *NOT* putting the "OAuth for FHIR" spec up for implementer's draft.<br><br> -- Justin<u></u><u></u></p><div><p class="MsoNormal">On 11/23/2015 6:17 PM, Moehrke, John (GE Healthcare) wrote:<u></u><u></u></p></div><blockquote style="margin-top:5.0pt;margin-bottom:5.0pt"><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">Thanks for the clarification. </span><u></u><u></u></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"> </span><u></u><u></u></p><p class="MsoNormal"><b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">From:</span></b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif""> Eve Maler [<a href="mailto:eve.maler@forgerock.com" target="_blank">mailto:eve.maler@forgerock.com</a>] <br><b>Sent:</b> Monday, November 23, 2015 5:16 PM<br><b>To:</b> Moehrke, John (GE Healthcare)<br><b>Cc:</b> Debbie Bucci; <a href="mailto:openid-specs-heart@lists.openid.net" target="_blank">openid-specs-heart@lists.openid.net</a><br><b>Subject:</b> Re: [Openid-specs-heart] HEART Agenda 2015-11-23</span><u></u><u></u></p><p class="MsoNormal"> <u></u><u></u></p><div><p class="MsoNormal">Very close. We are going through a review process of these three:<u></u><u></u></p><div><p class="MsoNormal"> <u></u><u></u></p></div><div><div><p class="MsoNormal"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__openid.bitbucket.org_HEART_openid-2Dheart-2Doauth2.html&d=CwMFaQ&c=IV_clAzoPDE253xZdHuilRgztyh_RiV3wUrLrDQYWSI&r=B4hg7NQHul-cxfpT_e9Lh49ujUftqzJ6q17C2t3eI64&m=WszmQrRkhRd7JPxJrFwDlwE2aZySbtQv0mbSuqgkbsk&s=ylEoYlfAxzLFYhR-Ye1sBIwd7B4e4TipaFnBZAQ9GDg&e=" target="_blank">HEART profile for OAuth 2.0.</a><u></u><u></u></p></div></div><div><p class="MsoNormal"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__openid.bitbucket.org_HEART_openid-2Dheart-2Doidc.html&d=CwMFaQ&c=IV_clAzoPDE253xZdHuilRgztyh_RiV3wUrLrDQYWSI&r=B4hg7NQHul-cxfpT_e9Lh49ujUftqzJ6q17C2t3eI64&m=WszmQrRkhRd7JPxJrFwDlwE2aZySbtQv0mbSuqgkbsk&s=THEUmknDPFvGXSNjIxA2nI1iydGla0tCLBlcsKVQGPM&e=" target="_blank">HEART profile for OpenID Connect.</a><u></u><u></u></p></div><div><p class="MsoNormal"><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__openid.bitbucket.org_HEART_openid-2Dheart-2Duma.html&d=CwMFaQ&c=IV_clAzoPDE253xZdHuilRgztyh_RiV3wUrLrDQYWSI&r=B4hg7NQHul-cxfpT_e9Lh49ujUftqzJ6q17C2t3eI64&m=WszmQrRkhRd7JPxJrFwDlwE2aZySbtQv0mbSuqgkbsk&s=b8V9qAKvjn1GHivPC65T0SPQjNtnwAc-9CGugLERNy4&e=" target="_blank">HEART profile for User-Managed Access (UMA).</a><u></u><u></u></p></div><div><p class="MsoNormal"> <u></u><u></u></p></div><div><p class="MsoNormal">Each succeeding one builds on the last, and none is particularly healthcare-specific. The approval process will be for Implementer's Draft status, which is still an interim status that has IPR review implications for those on the WG.<u></u><u></u></p></div><div><p class="MsoNormal"> <u></u><u></u></p></div></div><div><p class="MsoNormal"><br clear="all"><u></u><u></u></p><div><div><div><div><div><p><b>Eve Maler<br></b>ForgeRock Office of the CTO | VP Innovation & Emerging Technology<br>Cell <a href="tel:%2B1%20425.345.6756" value="+14253456756" target="_blank">+1 425.345.6756</a> | Skype: xmlgrrl | Twitter: @xmlgrrl<br>Join our <a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__forgerock.org_openuma_&d=CwMFaQ&c=IV_clAzoPDE253xZdHuilRgztyh_RiV3wUrLrDQYWSI&r=B4hg7NQHul-cxfpT_e9Lh49ujUftqzJ6q17C2t3eI64&m=WszmQrRkhRd7JPxJrFwDlwE2aZySbtQv0mbSuqgkbsk&s=Sws29jXfadLec1pfIhWr4C7UxkYqzY0rUZ_C5U3oxhg&e=" target="_blank">ForgeRock.org OpenUMA</a> community!<u></u><u></u></p></div></div></div></div></div><p class="MsoNormal"> <u></u><u></u></p><div><p class="MsoNormal">On Mon, Nov 23, 2015 at 2:26 PM, Moehrke, John (GE Healthcare) <<a href="mailto:John.Moehrke@med.ge.com" target="_blank">John.Moehrke@med.ge.com</a>> wrote:<u></u><u></u></p><div><div><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">so If I understood the discussion today, we want to ask for review, comment, and eventual approval of the existing three profiles. Specifically</span><u></u><u></u></p><p class="MsoNormal"><span style="font-family:Symbol">·</span> HEART profile for <a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__openid.bitbucket.org_HEART_openid-2Dheart-2Doauth2.html&d=CwMFaQ&c=IV_clAzoPDE253xZdHuilRgztyh_RiV3wUrLrDQYWSI&r=B4hg7NQHul-cxfpT_e9Lh49ujUftqzJ6q17C2t3eI64&m=WszmQrRkhRd7JPxJrFwDlwE2aZySbtQv0mbSuqgkbsk&s=ylEoYlfAxzLFYhR-Ye1sBIwd7B4e4TipaFnBZAQ9GDg&e=" target="_blank">OAuth 2.0. </a><u></u><u></u></p><p class="MsoNormal"><span style="font-family:Symbol">·</span> HEART profile for <a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__openid.bitbucket.org_HEART_openid-2Dheart-2Doidc.html&d=CwMFaQ&c=IV_clAzoPDE253xZdHuilRgztyh_RiV3wUrLrDQYWSI&r=B4hg7NQHul-cxfpT_e9Lh49ujUftqzJ6q17C2t3eI64&m=WszmQrRkhRd7JPxJrFwDlwE2aZySbtQv0mbSuqgkbsk&s=THEUmknDPFvGXSNjIxA2nI1iydGla0tCLBlcsKVQGPM&e=" target="_blank">OpenID Connect.</a> <u></u><u></u></p><p class="MsoNormal"><span style="font-family:Symbol">·</span> HEART profile for Fast Healthcare Interoperability Resources <a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__openid.bitbucket.org_HEART_openid-2Dheart-2Dfhir-2Doauth2.html&d=CwMFaQ&c=IV_clAzoPDE253xZdHuilRgztyh_RiV3wUrLrDQYWSI&r=B4hg7NQHul-cxfpT_e9Lh49ujUftqzJ6q17C2t3eI64&m=WszmQrRkhRd7JPxJrFwDlwE2aZySbtQv0mbSuqgkbsk&s=rS3pe-l_SlZIPbiM9CyqyoxDO6rBXbNpd9ONniqk700&e=" target="_blank">(FHIR) OAuth 2.0 scopes</a>.<u></u><u></u></p><p class="MsoNormal"> <u></u><u></u></p><p class="MsoNormal">Where, as we reviewed today, the first two are really not specialized for healthcare, as they are foundational. The third one is a set of scopes that are proposed for use with FHIR DSTU2. All three are important building blocks for the work we are currently developing.<u></u><u></u></p><p class="MsoNormal"> <u></u><u></u></p><p class="MsoNormal">John<u></u><u></u></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"> </span><u></u><u></u></p><p class="MsoNormal"><b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">From:</span></b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif""> Openid-specs-heart [mailto:<a href="mailto:openid-specs-heart-bounces@lists.openid.net" target="_blank">openid-specs-heart-bounces@lists.openid.net</a>] <b>On Behalf Of </b>Debbie Bucci<br><b>Sent:</b> Sunday, November 22, 2015 7:13 PM<br><b>To:</b> <a href="mailto:openid-specs-heart@lists.openid.net" target="_blank">openid-specs-heart@lists.openid.net</a><br><b>Subject:</b> [Openid-specs-heart] HEART Agenda 2015-11-23</span><u></u><u></u></p><div><div><p class="MsoNormal"> <u></u><u></u></p><div><p class="MsoNormal"><strong><span style="font-family:"Times","serif"">When: 1 PM PST/4 PM EST</span></strong><u></u><u></u></p><p class="MsoNormal"><b><span style="font-size:10.0pt;font-family:"Times","serif"">Where: Gotomeeting – </span></b><span style="font-size:10.0pt;font-family:"Times","serif""><a href="https://global.gotomeeting.com/join/785234357" target="_blank">https://global.gotomeeting.com/join/785234357</a></span><u></u><u></u></p><p class="MsoNormal"><b><span style="font-size:10.0pt;font-family:"Times","serif"">US phone number</span></b><span style="font-size:10.0pt;font-family:"Times","serif"">: <a href="tel:%2B1%20%28619%29%20550-0003" target="_blank"><span style="color:#0066cc">+1 (619) 550-0003</span></a>. Access Code 785-234-357</span><u></u><u></u></p><p class="MsoNormal"><b><span style="font-size:10.0pt"> </span></b><u></u><u></u></p><p class="MsoNormal"><span style="font-size:10.0pt"> </span><u></u><u></u></p><p class="MsoNormal"><b><span style="font-size:10.0pt">Agenda :</span></b><u></u><u></u></p><p class="MsoNormal" style="margin-left:47.25pt"><span style="font-size:10.0pt;font-family:Symbol">·</span><span style="font-size:7.0pt"> </span><span style="font-size:10.0pt">Implementer's Draft - Justin Richer</span><u></u><u></u></p><p class="MsoNormal" style="margin-left:47.25pt"><span style="font-size:10.0pt;font-family:Symbol">·</span><span style="font-size:7.0pt"> </span><span style="font-size:10.0pt">Update from MITFuture Commerce <br>Hackathon & Symposium - Adrian Gropper</span><u></u><u></u></p><p class="MsoNormal" style="margin-left:47.25pt"><span style="font-size:10.0pt;font-family:Symbol">·</span><span style="font-size:7.0pt"> </span><span style="font-size:10.0pt">AOB</span><u></u><u></u></p></div></div></div></div></div><p class="MsoNormal" style="margin-bottom:12.0pt"><br>_______________________________________________<br>Openid-specs-heart mailing list<br><a href="mailto:Openid-specs-heart@lists.openid.net" target="_blank">Openid-specs-heart@lists.openid.net</a><br><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__lists.openid.net_mailman_listinfo_openid-2Dspecs-2Dheart&d=CwMFaQ&c=IV_clAzoPDE253xZdHuilRgztyh_RiV3wUrLrDQYWSI&r=B4hg7NQHul-cxfpT_e9Lh49ujUftqzJ6q17C2t3eI64&m=WszmQrRkhRd7JPxJrFwDlwE2aZySbtQv0mbSuqgkbsk&s=xVY6SFS5-GPcB9vzAnUQJKs8LpWsY-9l4Uk10egzcN4&e=" target="_blank">http://lists.openid.net/mailman/listinfo/openid-specs-heart</a><u></u><u></u></p></div><p class="MsoNormal"> <u></u><u></u></p></div><p class="MsoNormal"><br><br><br><u></u><u></u></p><pre>_______________________________________________<u></u><u></u></pre><pre>Openid-specs-heart mailing list<u></u><u></u></pre><pre><a href="mailto:Openid-specs-heart@lists.openid.net" target="_blank">Openid-specs-heart@lists.openid.net</a><u></u><u></u></pre><pre><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__lists.openid.net_mailman_listinfo_openid-2Dspecs-2Dheart&d=CwMD-g&c=IV_clAzoPDE253xZdHuilRgztyh_RiV3wUrLrDQYWSI&r=B4hg7NQHul-cxfpT_e9Lh49ujUftqzJ6q17C2t3eI64&m=vk43d5JA9xKnpMqtfkrMZzZ2d_2m1wJiHmJlmiw4cOs&s=t1nOUW91on-hOV93CeIo77vc5hxJadaSkGBhdQtWzLw&e=" target="_blank">http://lists.openid.net/mailman/listinfo/openid-specs-heart</a><u></u><u></u></pre></blockquote><p class="MsoNormal"><u></u> <u></u></p></div></div><br>_______________________________________________<br>
Openid-specs-heart mailing list<br>
<a href="mailto:Openid-specs-heart@lists.openid.net">Openid-specs-heart@lists.openid.net</a><br>
<a href="http://lists.openid.net/mailman/listinfo/openid-specs-heart" rel="noreferrer" target="_blank">http://lists.openid.net/mailman/listinfo/openid-specs-heart</a><br>
<br></blockquote></div>