This wiki has undergone a migration to Confluence found Here
<meta name="googlebot" content="noindex">

September 15, 2015 Security WG Conference Call

From HL7Wiki
Jump to navigation Jump to search

Attendees

x Member Name x Member Name x Member Name
Mike DavisSecurity Co-chair x Duane DeCouteau . Chris Clark
x John MoehrkeSecurity Co-chair (audio only) x Johnathan Coleman . Aaron Seib
x Alexander Mense Security Co-chair . Ken Salyards Christopher D Brown TX
. Trish WilliamsSecurity Co-chair . Gary Dickinson Dave Silver
x Kathleen Connor . Ioana Singureanu Mohammed Jafari
x Suzanne Gonzales-Webb Rob Horn . Galen Mulrooney
x Diana Proud-Madruga Ben Goodman William Kinsley
x Rick Grow x [mailto: Paul Knapp] x Glen Marshall, SRS
. Debbie Bucci . Bill Kleinebecker Chris Shawn
Oliver Lawless Rob Horn x Serafina Versaggi

Back to Security Main Page

Agenda DRAFT

  1. ( 5 min) Roll Call, Agenda Approval
  2. ( 35 min) FHIR Security Discussion (Revote?) - John/Lloyd/Kathleen
  3. ( 5 min) PASS Access Control Conceptual Model (SOA) Update - Diana, Don Jorgenson, Mike, Dave
  4. ( 5 min) Joint Vocabulary Alignment Update - Diana
  5. ( 5 min) PSAF Update - Kathleen


Meeting Minutes DRAFT

Approval of September 8 meeting minutes

Motion Made: (Diana/Jim)

Meeting minutes for September 8 were approved (5 approve / 0 object/ 5 abstain (Lloyd, Serafina, John, Jim, Johnathan)

PASS Access Control Conceptual Model (SOA) Update

The deadline for submitting comments is Monday, Sept. 21.

Joint Vocabulary Alignment Update

Diana, Reed and Rick researched and submitted definitions for several terms to Gary for inclusion in the ISO 21089 standard, "Trusted End to End Information Flows." The project team continues to fill in definitions. The next step is to review the definitions and triage them to determine if they're sufficient and if there's a need to conduct further research which would yield better definitions.

Summary of last week FHIR's discussion

During last week's call when we approved the Provenance, we said we'd be using the FHIR Provenance build

  • when looking at the AuditEvent resource, there had been a number of comments against it from VA (none were addressed)
  • there were substantial changes that had not been discussed with the Security WG
    • recommendation was to defer to 2.1 so that we would have time to discuss (w/ JohnM), and find some way to deal with the comments that had not been discussed
  • Lloyd:

There are 3 options for publication:

  1. will not show up in the publication
  2. include as DRAFT - not included, not implementation ready (starting point of implementers)
  3. DSTU - content is not final, but considered ready for implementation (ready for implementers/implementer feedback)
  • Kathleen: Would it be possible to request a friendly amendment?
    • would this improve the information for AuditEvent? (per Lloyd: yes, you can certainly add documentation, additional guidance text - it is substantive; would require disposition from the FMG and I think they would rather allow for addition of extra text, given that these resources are not being profiled heavily.

MOTION: Publish now, with additional implementation guidance, and allow updates in 2.1 (friendly amendment from Kathleen) (Kathleen/Serafina) Discussion: none; objections: 0; abstain: 1 (Lloyd); Motion passes: 8

[AMENDMENT] Note: The information discussed with the knowledge that there is a risk that FHIR AuditEvent, FHIR provenance, and may not be published in 2.1

provide documentation and hope that FMG would give us a dispensation (or hold FMG hostage) [end AMENDMENT]

Any open issues that we have should be in by 6 p.m. ET - needs to get into FMG call (*4 p.m. ET Wednesday), that will be allowed into the build.

Additional Material regarding FHIR Vote:

e-mail from John Moehrke:

We did vote on it. I pointed at the minutes. The vote was a motion that I put into the agenda a week before our meeting, so the whole committee saw that vote coming. It followed exactly the FHIR governance rules. There was no deception, there was no negatives. The motion was seconded by Kathleen. The vote was approved with unanimous 14 vote.

The questions that Kathleen and Paul have brought up are not grounds to DEGRADE the resources from DSTU to BELOW-DSTU. which is what you have done. You have accepted a vote to lower their status to lower than they were at the last ballot. It seems that the committee didn’t realize what they were voting on. This vote was not part of the agenda, it was brought up on the call. It passed with only 9 votes. If the issue is only a vocabulary issue, this is NOT grounds to degrade the resources. It is not even a reason to change the recommendation for DSTU2 publication.

I fail to understand why the committee when only 10 people are there, on an unscheduled vote, agreed to degrade the Provenance and AuditEvent resources to BELOW DSTU status, because that is what you have done. You have asked that they be declared Draft, and not recommended for experimentation….. when a few weeks earlier on a vote that was pre-announced in the agenda, passed when there was 50% more participation….

The DSTU2 publication status that I recommended (and Kathleen approved), was a recommendation that the resources be considered by the community as ready to be EXPERIMENTED with. It was not a move to normative. Move to normative won’t happen for 2 years.

The current status is an alert to the community to STAY AWAY from these resources because they are badly broken and fundamental changes will be happening.

I don’t see how vocabulary updates is FUNDIMENTAL changes for which the community should NOT USE audit or provenance. WE NEED people to experiment with these. But your vote told the community to STAY AWAY from them!!!

I really don’t think the committee realized what they were voting on.

I unfortunately am still in Bangalore on business, and can’t make the call. I urge you to reach out to Lloyd to help you understand the situation. He might be able to appear before the WG to help you with understanding.

John

Response from Lloyd McKenzie

I don't know the WG's DMPs about required notice for votes, so any discussion about procedure would need to be taken up with the TSC. Typically re-opening an item requires 75% of the original vote, so you may be a bit short in this case.

This change is going to be somewhat confusing to the implementer community. It's saying: "We thought this resource was ready for implementation 20 months ago. However, now after receiving and applying implementer feedback, we believe the resource is going to require further significant change and would no longer recommend implementation."

If the gist of that statement is true, it's perfectly within the WG's prerogative to make the change.

However, if the primary reason for dropping the resource from DSTU to draft status is that there's going to be change to some of the vocabularies, then the change in status is unnecessary. The value set under contention is already extensible and (as I understand it), there's no plan to remove any of the existing codes, only to add new ones. That's the type of change that would still be permitted even if the resource was already normative, and it's certainly the sort of change that's in scope for DSTU. During DSTU, you're free to rebind the vocabulary to a completely different value set, change the binding strength, add, remove and rename elements - pretty much whatever you like.

When choosing to go DSTU vs. draft, the WG needs to consider two things: - Could a reasonable implementer safely use this specification as it is in production? - Are there already known, outstanding issues with the resource that are likely to result in significant change such that early implementers would be able to leverage little or none of their initial investment

John is right that making the resource draft is sending a message to "keep away". It will reduce the chances that any of the implementations in the next half year + will bother to implement audit or provenance at all. And it will delay how soon you can go normative. (You need 2 consecutive DSTU votes under your belt to be permitted to go normative - which means this would mean you'd be looking at 2019 earliest rather than 2017 earliest.)

In any event, this *must* be resolved on next Tuesday's call. The WG will need to examine whether the vote to demote was in order (i.e. whether it was in fact re-opening a previously voted item). If it was not in order, then the original vote stands unless a new vote is taken. If the vote to demote was in order, then the WG is free to discuss whether demotion is in fact their desired course of action and, if not, re-open and re-vote.

If there are outstanding questions and the WG feels it would be valuable for me to participate on the call, I can try to make that happen.

Lloyd

Meeting adjourned at 1307 PDT --Suzannegw (talk) 16:07, 15 September 2015 (EDT)