Re: PRFAlgorithmIdentifierType in XML Encryption 1.1

Makoto

I think your understanding is correct that PRFAlgorithmIdentifierType prohibits use of the Parameters element due to the use of the XML Schema restriction. The reason is that the PBKDF2ParameterType defines the various parameters (of which the algorithm identifier is one).

[[
<complexType name="AlgorithmIdentifierType">

  <sequence>

   <element name="Parameters" minOccurs="0"/>

  </sequence>

  <attribute name="Algorithm"/>

</complexType>



<complexType name="PRFAlgorithmIdentifierType">

 <complexContent>

  <restriction base="xenc11:AlgorithmIdentifierType">

  <attribute name="Algorithm" type="anyURI"/>

  </restriction>

 </complexContent>
]]

Looking at this, shouldn't the AlgorithmIdentifierType have a "type='anyURI' on the Algorithm attribute definition? (maybe not necessary if derived type is always used).

I've added this question  to Last Call comment tracker as LC-2543,  http://www.w3.org/2006/02/lc-comments-tracker/42458/WD-xmlenc-core1-20100513/2543

regards, Frederick

Frederick Hirsch
Nokia



On Aug 15, 2011, at 9:03 AM, Hirsch Frederick (Nokia-CIC/Boston) wrote:

> [repost to xml security public list] 
> 
> Begin forwarded message:
> 
>> Resent-From: <xml-encryption@w3.org>
>> From: ext MURATA Makoto <eb2m-mrt@asahi-net.or.jp>
>> Date: August 12, 2011 4:25:54 AM EDT
>> To: xml-encryption <xml-encryption@w3.org>
>> Subject: PRFAlgorithmIdentifierType in XML Encryption 1.1
>> 
>> Is the definition of PRFAlgorithmIdentifierType correct?
>> In my understanding, it prohibits Parameters elements.
>> oXygen (and probably Xerces) agrees with me.
>> 
>> 
>> 
>> -- 
>> 
>> Praying for the victims of the Japan Tohoku earthquake
>> 
>> Makoto
>> 
>> 
> 

Received on Monday, 15 August 2011 15:21:52 UTC