Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

HL7 (Health Level 7) is een internationale standaard voor elektronische uitwisseling van medische, financiële en administratieve gegevens tussen zorginformatiesystemen. De standaard wordt gedefinieerd door de gelijknamige organisatie.

De Internet Engineering Task Force (IETF) is een internationale gemeenschap van netwerkontwerpers, - operators, -leveranciers en -onderzoekers die zich bezighoudt met de evolutie van de internetarchitectuur en de soepele werking van het internet. Deelname staat open voor alle geïnteresseerden. Op het technische niveau en met betrekking tot ontwikkeling, bestaat het internet bij de gratie van ontwerp, testen en implementatie van internetstandaarden. Deze standaarden worden ontwikkeld door het IETF. 

...

Referentie

Omschrijving

Document

Bron

HL7 FHIRHL7 FHIR R4DE HL7 FHIR Release 4http://hl7.org/fhir/R4/index.html
FHIR REST APIHL7 FHIR RESTful API
http://www.hl7.org/fhir/http.html
RFC2616HTTPv1.1Hypertext Transfer Protocol -- HTTP/1.1https://tools.ietf.org/html/rfc2616
RFC7540HTTPv2Hypertext Transfer Protocol – HTTP/2https://tools.ietf.org/html/rfc7540
RFC2617HTTP Authentication (Basic and Digest)HTTP Authentication (Basic and Digest)https://tools.ietf.org/html/rfc2617
RFC3986URI SyntaxUniform Resource Identifier (URI): Generic Syntaxhttps://tools.ietf.org/html/rfc3986rfc3986
RFC4122UUID URN NamespaceA Universally Unique IDentifier (UUID) URN Namespace. P. Leach; M. Mealling; R. Salz. IETF. July 2005. https://tools.ietf.org/html/rfc4122
RFC4627JSONThe application/json Media Type for JavaScript Object Notation (JSON)https://tools.ietf.org/html/rfc/4627
RFC5246TLS v1.2The Transport Layer Security Protocol, V1.2https://tools.ietf.org/html/rfc5246
RFC6585Additional HTTP Status CodesAdditional HTTP Status Codeshttps://tools.ietf.org/htmlhtml/rfc6585
RFC6749OAuth 2.0 Framework

The OAuth 2.0 Authorization Framework. D. Hardt, Ed.. IETF. October 2012.

  • OAuth 2.0 Multiple Response Types (spec)
  • OAuth 2.0 Form Post Response Mode (spec)
https://tools.ietf.org/html/rfc6749
RFC6750Bearer Token Usage

The OAuth 2.0 Authorization Framework: Bearer Token Usage. M. Jones; D. Hardt. IETF. October 2012

https://tools.ietf.org/html/rfc6750
RFC6755URN Sub-Namespace for OAuthURN Sub-namespace for use with OAuth-related specifications. Otober 2012https://tools.ietf.org/html/rfc6755
RFC6819Threat Model and Security ConsiderationsAdditional security considerations for OAuth, beyond those in the OAuth 2.0 specification, based on a comprehensive threat model for the OAuth 2.0 protocol. January 2013

https://tools.ietf.org/html/rfc6819

https://tools.ietf.org/html/draft-ietf-oauth-v2-threatmodel-08

RFC7235Autorization HeadersHypertext Transfer Protocol (HTTP/1.1): Authentication

https://tools.ietf.org/html/rfc7235#section-4.2

RFC7009Token RevocationAugust 2013https://tools.ietf.org/html/rfc7009
RFC7662Token Introspection Oktober 2015https://tools.ietf.org/html/rfc7662
RFC7515JSON Web Signature (JWS)JSON Web Token (JWT). M. Jones; J. Bradley; N. Sakimura. IETF. May 2015. https://tools.ietf.org/html/rfc7515
RFC7516JSON Web Encryption (JWE)Web Encryption (JWE). M. Jones. IETF. May 2015https://tools.ietf.org/html/rfc7516
RFC7517JSON Web Key (JWK)JSON Web Key (JWK). M. Jones. IETF. May 2015https://tools.ietf.org/html/rfc7517
RFC7518JSON Web Algorithms
https://tools.ietf.org/html/rfc7518
RFC7519JSON Web Token (JWT)JSON Web Token (JWT). M. Jones; J. Bradley; N. Sakimura. IETF. May 2015. https://tools.ietf.org/html/rfc7519
RFC7521Assertion FrameworkAssertion Framework for OAuth 2.0 Client Authentication and Authorization Grantshttps://tools.ietf.org/html/rfc7521
RFC7522SAML2.0 Profile for OAuth 2.0 Client Authentication and Authorization Grants

Defines the use of a SAML2.0 Bearer Assertion as a means for requesting an OAuth2.0 access token as well as for client authentication. May 2015

https://tools.ietf.org/html/rfc7522
RFC7523JWT profielen voor OAuth 2.0JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grants. M. Jones; B. Campbell; C. Mortimore. IETF. May 2015.https://tools.ietf.org/html/rfc7523
RFC7636Proof Key for Code Exchange

Proof Key for Code Exchange by OAuth Public Clients. September 2015

https://tools.ietf.org/html/rfc7636
DRAFT-JWSREQ OAuth JAR

JWT Secured Authorization Request (draft)

https://tools.ietf.org/html/draft-ietf-oauth-jwsreq-30
RFC8628OAuth 2.0 Device GrantOAuth 2.0 Device Authorization Grant. August 2019https://tools.ietf.org/html/rfc8628
RFC8705Mutual TLS Client Authentication and Certificate-Bound Access TokensOAuth 2.0 Mutual TLS Client Authentication and Certificate-Bound Access Tokens. February 2020https://tools.ietf.org/html/rfc8705
OpenID ConnectOpenID Core

OpenID Connect Core 1.0. N. Sakimura, J. Bradley, M. Jones, B. de Medeiros, C. Mortimore. OpenID

  • OpenID Connect Core 1.0 (spec)
  • OpenID Connect Discovery 1.0 (spec)
  • OpenID Connect RP-Initiated Logout 1.0 - draft 01 (spec)
  • OpenID Connect Session Management 1.0 - draft 30 (spec)
  • OpenID Connect Front-Channel Logout 1.0 - draft 04 (spec)
  • OpenID Connect Back-Channel Logout 1.0 - draft 06 (spec)

https://openid.net/specs/openid-connect-core-1_0.html

RFC7591Dynamic Client RegistrationOAuth 2.0 Dynamic Client Registration Protocol. July 2015https://tools.ietf.org/html/rfc7591
RFC7592Dynamic Client Registration ManagementOAuth 2.0 Dynamic Client Registration Management Protocol. July 2015https://tools.ietf.org/html/rfc7592
RFC7662OAuth 2.0 Token IntrospectionDefines a method for a protected resource to query an OAuth 2.0 authorization server to determine the active state of an OAuth 2.0 token and to determine meta-information about this token. Oktober 2015https://tools.ietf.org/html/rfc7662
RFC7800Proof of Possion JWTHow to declare in a JSON Web Token (JWT) that the presenter of the JWT possesses a particular proof-of-possession key and how the recipient can cryptographically confirm
proof of possession of the key by the presenter.April 2016
https://tools.ietf.org/html/rfc7800
RFC8252OAuth 2.0 for Native AppsOAuth 2.0 authorization requests from native apps should only be made through external user-agents, primarily the user's browser. Oktober 2017https://tools.ietf.org/html/rfc8252
RFC8414OAuth 2.0 Authorization Server MetadataDefines a metadata format that an OAuth 2.0 client can use to obtain the information needed to interact with an OAuth 2.0 authorization server. June 2018https://tools.ietf.org/html/rfc8414
Dynamic Client RegistrationOpenID Connect Dynamic Client RegistrationOpenID Connect Dynamic Client Registration 1.0 incorporating errata set 1https://openid.net/specs/openid-connect-registration-1_0.html
Richtlijnen TLSICT-beveiligingsrichtlijnen voor Transport Layer Security (TLS)ICT-beveiligingsrichtlijnen voor Transport Layer Security v2https://www.ncsc.nl/binaries/ncsc/documenten/publicaties/2019/mei/01/ict-beveiligingsrichtlijnen-voor-transport-layer-security-tls/ICT-beveiligingsrichtlijnen-voor-Transport-Layer-Security-v2.pdf
Richtlijnen WebapplicatiesICT-beveiligingsrichtlijnen voor webapplicatiesICT-Beveiligingsrichtlijnen voor Webapplicatieshttps://www.ncsc.nl/binaries/ncsc/documenten/publicaties/2019/mei/01/ict-beveiligingsrichtlijnen-voor-webapplicaties/ICT-Beveiligingsrichtlijnen-voor-Webapplicaties-Richtlijnen-Leesversie.pdf

...