Clarification of computation of rid

[pvillela]

The recommendation on how to compute the rid (revocation ID) in the revocation spec is a bit unclear:

It is RECOMMENDED to use the base64url encoding of the first 64 bits of the output of HMAC-SHA-256 (as specified in RFC 4868) on the user identifier using a 256-bit random secret key concatenated with the <<kid>>; i.e., `rid = base64url(hmac-sha-256(secret_key || <>, user_id)[1..64]).

What is meant by "user identifier" or user_id? What about the option of using the HMAC of the FHIR bundle? What about the option of using the HMAC of the patient resource?

There is also a formatting problem with the above quoted text, probably a missing backtick.

[christianpaquin]

What is meant by "user identifier" or user_id?

The spec says: "Issuers MAY use application-specific user identifiers for this purpose"; it could be an internal database identifier for the user account, a health insurance number, etc.

What about the option of using the HMAC of the FHIR bundle? What about the option of using the HMAC of the patient resource?

If you can pick a rid at issuance, then I wouldn't recommend these methods. Picking and remembering a random value for the user would be better. The FHIR-derived values are necessary to identify the SHC which do not contain an explicit rid.

There is also a formatting problem with the above quoted text, probably a missing backtick.

Yes, the markdown to html rendering had some quirk. I think I fixed these in PR #218.

[christianpaquin]

Latest changes in PR #230 (was PR #218) provide some clarifications. Can we close this, @pvillela?

[pvillela-del]

I'm good with it, thanks.