Updated 11th Jan 2021
- Secure (Tamper-proof)
HealthCerts shall comprise of the data elements defined in the schema.
During presentation, these are the minimum data types that need to be displayed.
- Data fields as defined in schema
- QR code
- The QR code shall contain the following components:
- A link to fetch the HealthCert
- Decryption key to decrypt HealthCert payload
- URL to perform verification of HealthCert
- Encryption shall be based performed using oa-encrypt
- QR code shall be readable by any standard QR code reader (non-proprietary formatting)
This requirement for shall apply to the various modes of certificate delivery, which could include sharing via
- HealthCerts document1 which contains the memo and QR code
- Mobile application which renders the HealthCerts document in (i)
Refer here for details.
- Email which contains the memo and QR code
The verifier shall attest the following datasets
Checks and returns the identity of the issuer. Verify the identity of the issuer against a decentralised identity provider (ie DID, DNS, etc) or some centrally managed identity registry.
Checks the integrity of the document by digesting the content of the OA document and comparing it with the document's targetHash
Checks that the document has been issued and that it's issuance status is in good standing. Verify the issuance status against a record maintained externally, ie Records on a Blockchain or API endpoints.