W3C home > Mailing lists > Public > public-xmlsec@w3.org > February 2009

Re: ACTION-178 - Draft text for v1.1 on OCSPResponse subelement for X509Data

From: Thomas Roessler <tlr@w3.org>
Date: Tue, 3 Feb 2009 20:09:57 +0100
To: Sean Mullan <Sean.Mullan@Sun.COM>
Message-Id: <B2495757-3392-464B-9DF2-DCE8247FC3E3@w3.org>
Cc: XMLSec WG <public-xmlsec@w3.org>

On 3 Feb 2009, at 19:33, Sean Mullan wrote:

>
> (I'm not sure my schema/dtd syntax is correct, but here's my  
> proposal for an AI from the F2F. Please review.):
>
> Add the following bullet to the part titled "1. At least one  
> element ..." in section 4.4.4 The X509Data Element :
>
>  o The OCSPResponse element contains a base64-encoded OCSP Response  
> [OCSP].

Please make this "The dsig11:OCSPResponse element"

> Add the following entry to the schema definition and DTD at the end  
> of section 4.4.4:
>
>  <element name="OCSPResponse" xmlns="http://www.w3.org/2009/ 
> xmldsig11#" type="base64binary"/>

That xmlns attribute puts <element/> into disg11:, not OCSPResponse.

Therefore, we'll want to have this in a separate schema block (which  
clearly says in the text around it that it's for dsig11:):

   <element name="OCSPResponse" type="base64binary"/>

>  OCSP
>      RFC 2560. X.509 Internet Public Key Infrastructure Online
>      Certificate Status Protocol - OCSP. M. Myers, R. Ankney, A.  
> Malpani
>      S. Galperin, C. Adams. June 1999.
>      http://www.ietf.org/rfc/rfc2560.txt
Received on Tuesday, 3 February 2009 19:10:07 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 7 December 2009 10:43:57 GMT