Multiple issues with Send Direct Message functionality for Direct Standard Version 1 .3
18 views
Skip to first unread message
lcm...@emrdirect.com
May 5, 2026, 3:38:10 PM (3 days ago) May 5
to Edge Test Tool (ETT)
Hello ETT Team,
I realize that certification for Direct Standard V1.3 is optional, but as our customers inquire about using the ETT to test this version from time to time, I did want to post here about a number of issues that have been identified with the ETT implementation of V1.3 on the https://site.healthit.gov/direct/senddirect page making many of the options on this page unusable at this time. It may be worth considering removing the V1.3 tab from the ETT entirely until the majority of these issues have been addressed.
This evaluation of the ETT was performed sending to a recipient with an RSA-2048 public key. Only the first 2 signing certificates on the drop-down list were evaluated. I may separately report additional findings when sending to a recipient with an EC public key at a later time, as this may uncover additional issues with the ETT related to key encryption.
1. Signing Algorithm drop-down choices when GOOD_CERT selected:
- SHA-256, RSHA-384, SHA-512: These 3 choices send valid messages.
- OAEP: does NOT use OAEP for key encryption, uses standard RSA key encryption without OAEP, specifies an invalid signing algorithm (sha1NoSign). Note that OAEP is for key encryption, not for signing, so its presence in the drop-down list for signing algorithms is misleading. It could be relabeled "?? using OAEP for key encryption" (I put ?? since an invalid signing algorithm is currently specified). Also note that since this algorithm is used for key encryption, OAEP is only applicable if the recipient's certificate contains an RSA public key, which will further confuse ETT users with EC public keys.
-ECDSA with P-256, ECDSA with SHA-256, ECDSA with P-384, ECDSA with SHA-384: these EC signing algorithms should not be choices for GOOD_CERT which has an RSA public key.
-AES with CBC: uses AES-CBC for content encryption as expected but specifies an invalid signing algorithm (sha1NoSign). Also, this algorithm is for content signing, so its presence in the drop-down list for signing algorithms is misleading. It could be relabeled "?? using AES-CBC for content encryption" (see comments above re: ??) Also, since AES--CBC appears to be the default for the earlier choices on this drop-down list, listing it again does not appear to add anything as it will likely exactly duplicate one of the test conditions from one of the earlier choices once it is fixed.
-AES with GCM: does NOT use AES with GCM, content is encrypting using AES-CBC. Specifies an invalid signing algorithm (sha1NoSign). Also, this algorithm is for content signing, so its presence in the drop-down list for signing algorithms is misleading. It could be relabeled "?? using AES-GCM for content encryption" (see comments above re: ??)
2. Signing Algorithm drop-down choices when GOOD_ECDSA_CERT is selected:
-ECDSA with P-256, ECDSA with SHA-256, ECDSA with P-384, ECDSA with SHA-384: these should be consolidated from 4 to 2: "ECDSA with P-256 and SHA-256" and "ECDSA with P-384 and SHA-384", as the Direct Standard V1.3 only permits these two EC combinations.
-ECDSA with P-256, ECDSA with SHA-256: These behave the same. These have a valid EC P256 with SHA256 signature. However, the certificate appears to be an address-bound certificate for ec-pri...@ett.healthit.gov so the messages will generally fail validation since the sending address is arbitrary. A "trustable" message is only sent if this specific address is entered in the sender field. However, the ETT does not appear to understand the MDN returned with the key encrypted using the ETT's P256 key.
-ECDSA with P-256, ECDSA with SHA-256, ECDSA with P-384, ECDSA with SHA-384: these should be consolidated from 4 to 2: "ECDSA with P-256 and SHA-256" and "ECDSA with P-384 and SHA-384", as the Direct Standard V1.3 only permits these two EC combinations.
-ECDSA with P-256, ECDSA with SHA-256: These behave the same. These have a valid EC P256 with SHA256 signature. However, the certificate appears to be an address-bound certificate for ec-pri...@ett.healthit.gov so the messages will generally fail validation since the sending address is arbitrary. A "trustable" message is only sent if this specific address is entered in the sender field. However, the ETT does not appear to understand the MDN returned with the key encrypted using the ETT's P256 key.
-ECDSA with P-384, ECDSA with SHA-384: These behave the same. These include a P-256 signature and specify SHA-384 for hash. No P-384 signature is included. This combination (P256+SHA384) is not a choice in the standard. A separate ETT certificate will be needed with an appropriate EC P-384 key.
Thank you,
Luis Maas
CTO, EMR Direct
Editor, Direct Standard Version 1.3
Sai Valluripalli
May 5, 2026, 3:50:43 PM (3 days ago) May 5
to lcm...@emrdirect.com, Edge Test Tool (ETT)
Hi Luis,
We will review these findings and get back to you.
Thanks
We will review these findings and get back to you.
Thanks
--
You received this message because you are subscribed to the Google Groups "Edge Test Tool (ETT)" group.
To unsubscribe from this group and stop receiving emails from it, send an email to edge-test-too...@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/edge-test-tool/9ae0aec7-546f-4dc3-b591-d158eaaf86dbn%40googlegroups.com.
Reply all
Reply to author
Forward
0 new messages