Closed stevenvegt closed 1 year ago
RFC002 is part of spec v1.0. I think you need to create a new RFC that amends rfc002.
Not sure how a new RFC will solve that problem? I don't like that option since it make thinks harder to find. Also, we explicitly state in section 7.1:
Future means will be added when available.
Which is what we do now.
RFC002 is part of spec v1.0. I think you need to create a new RFC that amends rfc002.
Not sure how a new RFC will solve that problem? I don't like that option since it make thinks harder to find. Also, we explicitly state in section 7.1:
Future means will be added when available.
Which is what we do now.
Well, then we would have to have a conversation about how we create specifications somewhere in the future. RFCs are not meant to change. So we either use RFCs or have versioned specs. But not a mix.
A simplification for the credential could be:
credentialSubject
which contains the following information:
@type
which contains the EmployeeRole
type to indicate the contents describes a EmployeeRole as defined by schema.orgidentifier
which contains the employee number, username or email. This identifier MUST uniquely identify one natural person within the care organisation.roleName
(optional) which contains the name of the role of the person during this user session.member
which contains the following information:
@type
which contains the Person type.initials
which contains the initials of the person.familyName
which contains the last name of the person.This would remove some if-this-then-that logic. email is really only needed as unique identifier.
This PR is a RFC for the
NutsEmployeeIdentity
which allows a care organisation to construct a claim about a current logged-in user. Since the user identity is issued by the care origanisation instead of a trusted third party (such as the government), it has a low trust level, but also comes with a simpler UX. It can be used in situations where a lower level of trust is appropriate and and then removes an extra burden from the care givers of using a personal authentication device.