AS ISO 17090.2-2003

1 - AS ISO 17090.2-2003 HEALTH INFORMATICS-PUBLIC KEY INFRASTRUCTURE - CERTIFICATE PROFILE
4 - PREFACE
5 - CONTENTS
6 - INTRODUCTION
9 - 1 Scope
9 - 2 Normative references
9 - 3 Terms and definitions
10 - 4 Abbreviations
10 - 5 Healthcare CPs
10 - 5.1 Certificate types required for healthcare
10 - 5.2 CA certificates
10 - 5.2.1 Root CA certificates
10 - 5.2.2 Subordinate CA certificates
11 - 5.3 Cross/Bridge certificates
11 - 5.4 End entity certificates
11 - 5.4.1 Individual identity certificates
12 - 5.4.2 Organization identity certificate
12 - 5.4.3 Device identity certificate
12 - 5.4.4 Application certificate
12 - 5.4.5 AC
14 - 5.4.6 Role certificates
14 - 6 General certificate requirements
14 - 6.1 Certificate compliance
15 - 6.2 Common fields for each certificate type
16 - 6.3 Specifications for common fields
16 - 6.3.1 General
16 - 6.3.2 Signature
16 - 6.3.3 Validity
16 - 6.3.4 Subject public key information
17 - 6.3.5 Issuer name field
17 - 6.3.6 The subject name field
18 - 6.4 Requirements for each healthcare certificate type
18 - 6.4.1 Issuer fields
18 - 6.4.2 Subject fields
21 - 7 Use of certificate extensions
21 - 7.1 Introduction
21 - 7.2 General extensions
21 - 7.2.1 authorityKeyIdentifier
21 - 7.2.2 subjectKeyIdentifier
21 - 7.2.3 keyUsage
21 - 7.2.4 privateKeyUsagePeriod
21 - 7.2.5 certificatePolicies
21 - 7.2.6 subjectAltName
22 - 7.2.7 basicConstraints
22 - 7.2.8 CRLDistributionPoints
22 - 7.2.9 ExtKeyUsage
22 - 7.2.10 Authority information access
22 - 7.3 Special subject directory attributes
22 - 7.3.1 hcRole attribute
24 - 7.3.2 subjectDirectoryAttributes
24 - 7.4 Qualified certificate statements extension
24 - 7.5 Requirements for each health industry certificate type
24 - 7.5.1 Extension fields
26 - Annex A - Certificate profile examples
26 - A.1 Introduction
26 - A.2 EXAMPLE 1: Consumer certificate profile
27 - A.3 EXAMPLE 2: Non-regulated health professional certificate profile
28 - A.4 EXAMPLE 3: Regulated health professional certificate profile
29 - A.5 EXAMPLE 4: Sponsored healthcare provider certificate profile
29 - A.6 EXAMPLE 5: Supporting organization employee certificate profile
30 - A.7 EXAMPLE 6: Organization certificate profile
31 - A.8 EXAMPLE 7: AC profile
31 - A.9 EXAMPLE 8: CA certificate profile
32 - A.10 EXAMPLE 9: Bridge certificate profile
33 - Bibliography

Specifies the certificate profiles required to interchange healthcare information within a single organization, between different organizations and across jurisdictional boundaries. It detials the use made of public key infrastyructure (PKI) digital certificates in the health industry and focuses, in particular, on specific healthcare issues relating to certificate profiles.

This part of ISO/TS 17090 specifies the certificate profiles required to interchange healthcare information within a single organization, between different organizations and across jurisdictional boundaries. It details the use made of public key infrastructure (PKI) digital certificates in the health industry and focuses, in particular, on specific healthcare issues relating to certificate profiles.

First published as AS ISO 17090.2-2003.