Care organizations should endorse a service activation

nuts-foundation / nuts-registry

Distributed registry for storing and querying healthcare care providers their vendors and technical endpoints.

GNU General Public License v3.0

0 stars 0 forks source link

Care organizations should endorse a service activation #172

Open woutslakhorst opened 3 years ago

woutslakhorst commented 3 years ago

Currently only the vendor signs for a service activation. The vendor should remain responsible for setting the service up with the correct endpoints, but the care organization should endorse it with a signature.

This would be a feature for when care organizations have access to more easy to use cryptographic means.

reinkrul commented 3 years ago

I'd say we add a proof to the service from the organization stating something like "I agree that my vendor performs eOverdracht services for my care organization". The vendor must make sure to publish that proof with the service to 'activate' it. However I wouldn't allow 'unactivated' services, it's easier to require every service to have valid organization proof upfront.

woutslakhorst commented 3 years ago

However I wouldn't allow 'unactivated' services, it's easier to require every service to have valid organization proof upfront.

Yes, but from a migration and 'lets ship it' perspective it'll take longer to actually activate any service at all..

reinkrul commented 3 years ago

In that case I think they should be active by default until we add verifiable organization proof.