Open bramwesselo opened 1 month ago
From an issuer and verifier perspective such a credential is more complex and thus sensitive for errors. Instead of requiring that a NutsUraCredential
is issued by X you have to check if a NutsCareProviderCredential
is issued by X and has system http://fhir.nl/fhir/NamingSystem/ura
. This is required because you have to limit which identifier can be issued by which authentic registry.
So you have to make a decision on complexity on the trust/security layer vs a (convenience) feature on the functional layer.
Why? To make the use of multiple identifiers possible (within or outside NL) and translation/mapping to FHIR Organization is easier:
Current content NutsUraCredential:
"credentialSubject": { "id": "did:web:hospital.example.com:holder#1", "organization": { "ura": "3732", "name": "Example Hospital", "city": "Amsterdam" } }
Proposal for new NutsCareProviderCredential:
"credentialSubject": { "id": "did:web:hospital.example.com:holder#1", "organization": { "identifier": { "system": "http://fhir.nl/fhir/NamingSystem/ura", "value": "3732" }, "name": "Example Hospital", "address": { "city": "Amsterdam" } }