Comments (2)
Payload is not encrypted. It is raw BLOB data. It is not compliant with NIST SP800-53 guidelines as payload must be encrypted with signature which are exchanged to validate.
from health-cards.
To clarify, which version of NIST 800-53 are you looking at (v5 or v4) and which controls (and control enhancements) are being referenced? Also, what is the scope or 'system boundary' that is being included in this question?
Compliance is broad brush, so specifics are helpful to nail down the necessary protections vs tradeoffs to promote overall the system boundary's confidentiality, integrity, and availability.
from health-cards.
Related Issues (20)
- Clarification re multiple QR codes HOT 15
- Request change to use only NIST IAL Levels 1, 2, and 3. HOT 2
- Publish reference implementation of card parser HOT 2
- Java implementation of Jws HOT 1
- specify version 22 HOT 8
- Examples are not generating HOT 3
- Error related to generationg certificates HOT 4
- QR code FAQ link broken HOT 3
- Governance needs to be clarified HOT 2
- Release Tagging lax
- Create new github release matching spec's changelog version HOT 3
- Golang "swiss army knife" for smart health cards HOT 2
- Optional exp field to be honoured by verifiers HOT 2
- Can I get clarification on the section "Every Health Card can be embedded in a QR code" HOT 1
- Clarification of computation of `rid` HOT 3
- Clarification on how to encode a QR code HOT 1
- Clarification of examples/allowable data HOT 4
- Document sample certificate-generating script HOT 1
- Rationale for inclusion of kid in recommended revocation id generation scheme HOT 5
- Response code 404 (Not Found) HOT 13
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from health-cards.