
Re: [widgets] dig sig RelaxNG schema

From: Kai Hendry <hendry@aplix.co.jp>
Date: Fri, 26 Jun 2009 13:17:55 +0100
Message-ID: <b24851260906260517j401e2098qf1ccc980391429ac@mail.gmail.com>
To: Frederick Hirsch <frederick.hirsch@nokia.com>, Thomas Roessler <tlr@w3.org>
Cc: public-webapps WG <public-webapps@w3.org>, XMLSec WG Public List <public-xmlsec@w3.org>, David Håsäther <hasather@gmail.com>

2009/6/25 Frederick Hirsch <frederick.hirsch@nokia.com>:
> Is having RNG/RNC schema important? Can you or someone in the WebApps
> working group please help, perhaps by reviewing our RNG schema document and
> suggesting improvements?

I think it's important for basic conformance. Yes, I'd like to help
and perhaps the guys at http://www.w3.org/2005/MWI/Tests/ could help
out too. David Håsäther maintains the widget P&C grammar and perhaps
he too could help review.





> [2] http://www.w3.org/2007/xmlsec/Drafts/xmldsig-rngschema/

The schema here seems to require base64Binary in the SignatureValue
which would render at least your example [1] incorrect. Tbh, I think
Thomas Roessler would know best here.

[1] http://www.w3.org/TR/widgets-digsig/#example


hendry@x61 xmldigsig$ rnv xmldsig.rnc signature1.xml
signature1.xml
signature1.xml:14:19: error: invalid data or text not allowed
required:
        data http://www.w3.org/2001/XMLSchema-datatypes^base64Binary
signature1.xml:20:21: error: invalid data or text not allowed
required:
        data http://www.w3.org/2001/XMLSchema-datatypes^base64Binary
signature1.xml:26:19: error: invalid data or text not allowed
required:
        data http://www.w3.org/2001/XMLSchema-datatypes^base64Binary
signature1.xml:32:19: error: invalid data or text not allowed
required:
        data http://www.w3.org/2001/XMLSchema-datatypes^base64Binary
signature1.xml:35:0: error: incomplete content
required:
        element http://www.w3.org/2000/09/xmldsig#^SignatureValue
signature1.xml:56:1: error: element http://www.w3.org/2000/09/xmldsig#^SignatureValue not allowed
required:
        after
allowed:
        element http://www.w3.org/2000/09/xmldsig#^Object
signature1.xml:57:1: error: element http://www.w3.org/2000/09/xmldsig#^KeyInfo not allowed
required:
        after
allowed:
        element http://www.w3.org/2000/09/xmldsig#^Object

Also there is the Object order problem again with this grammar. The
Object in the example must be modified to be last to validate.

Signature =
  element Signature {
    Signature.attlist, SignedInfo, SignatureValue, KeyInfo?, Object*
  }
Received on Friday, 26 June 2009 12:18:47 GMT
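
Added example, not part of the original message or of the W3C schema: a Python sketch that applies the content model quoted above (SignedInfo, SignatureValue, KeyInfo?, Object*) to the direct children of a ds:Signature and checks that SignatureValue is base64, reproducing the two kinds of error rnv reports. The sample documents, function names and message strings are constructed for illustration; attributes and nested content are not checked.

```python
import base64
import xml.etree.ElementTree as ET

DS = "http://www.w3.org/2000/09/xmldsig#"
# (name, min, max) per child, in the order the quoted grammar requires.
MODEL = [("SignedInfo", 1, 1), ("SignatureValue", 1, 1),
         ("KeyInfo", 0, 1), ("Object", 0, None)]

def is_base64(text):
    """Approximate xsd:base64Binary: strip whitespace, then strict decode."""
    compact = "".join((text or "").split())
    try:
        base64.b64decode(compact, validate=True)
    except ValueError:  # binascii.Error is a ValueError subclass
        return False
    return True

def check_signature(xml_text):
    """Return a list of problems found in one ds:Signature element."""
    sig = ET.fromstring(xml_text)
    names = [child.tag.replace("{%s}" % DS, "") for child in sig]
    problems, pos = [], 0
    for name, lo, hi in MODEL:
        count = 0
        while pos < len(names) and names[pos] == name and (hi is None or count < hi):
            pos += 1
            count += 1
        if count < lo:
            problems.append("missing or misplaced %s" % name)
    if pos < len(names):  # something is left over that the sequence cannot absorb
        problems.append("%s not allowed at position %d" % (names[pos], pos + 1))
    for el in sig.iter("{%s}SignatureValue" % DS):
        if not is_base64(el.text):
            problems.append("SignatureValue is not base64Binary")
    return problems

# Constructed sample: Object before SignatureValue, "..." placeholder as the value.
BAD = ('<Signature xmlns="%s"><SignedInfo/><Object/>'
       '<SignatureValue>...</SignatureValue><KeyInfo/></Signature>' % DS)
# Constructed sample: same children with Object last and a base64 value.
GOOD = ('<Signature xmlns="%s"><SignedInfo/>'
        '<SignatureValue>c2lnbmF0dXJl</SignatureValue><KeyInfo/>'
        '<Object/><Object/></Signature>' % DS)

if __name__ == "__main__":
    for label, doc in (("BAD", BAD), ("GOOD", GOOD)):
        print(label, check_signature(doc))
```

This is a structural pre-check only; it does not verify the signature, and a document from an untrusted source should go through a hardened XML parser first.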
