
Schema definitions according to 19991217 Schema draft, Part 1

From: Gregor Karlinger <Gregor.Karlinger@iaik.at>
Date: Mon, 20 Dec 1999 14:44:07 +0100
Message-ID: <385E32A7.842F6894@iaik.at>
To: "Joseph M. Reagle Jr." <reagle@w3.org>, David Solo <dsolo@alum.mit.edu>, Donald Eastlake <dee3@torque.pothole.com>
CC: ML W3C XML-Signature <w3c-ietf-xmldsig@w3.org>

I also found a lot of bugs in the schema definitions. Additionally a new draft
of XML-Schema has appeared (19991217). Below I will try to adapt the definitions.

For better comprehension I have explicitly quoted some defaults.

----------------------------------------------------------------------------------------
Section "3.0 Core Signature Syntax":
----------------------------------------------------------------------------------------

    <?xml version='1.0'?> 
    <!DOCTYPE schema 
    SYSTEM 'http://www.w3.org/TR/1999/WD-xmlschema-1-19991105/structures.dtd' 
    [ 
    <!ENTITY dsig 'http://www.w3.org/1999/12/signature-core'> 
    ]> 
    <schema targetNS='http://www.w3.org/1999/12/signature-core' 
       version='0.1' 
       xmlns='http://www.w3.org/1999/XMLSchema'> 
    <textEntity name="dsig">http://www.w3.org/1999/12/signature-core</textEntity> 

There are no provisions for entity definition any more in XML-Schema. So the last
line has to be omitted. There are also some old definitions for the namespace URI,
which I have changed below.

    <?xml version='1.0'?> 
    <!DOCTYPE schema 
    SYSTEM 'http://www.w3.org/TR/1999/WD-xmlschema-1-19991105/structures.dtd' 
    [ 
    <!ENTITY dsig 'http://www.w3.org/1999/12/xmldsig-core'> 
    ]> 
    <schema targetNS='http://www.w3.org/1999/12/xmldsig-core' 
       version='0.1' 
       xmlns='http://www.w3.org/1999/XMLSchema'> 

----------------------------------------------------------------------------------------
Section "3.0 Core Signature Syntax":
----------------------------------------------------------------------------------------

Old definition:

    <element name='Signature'> 
      <archetype order='seq' content='elemOnly'> 
	<element ref='SignedInfo'/> 
	<element ref='SignatureValue'/> 
	<element ref='KeyInfo' minOccurs='0' maxOccurs='1' /> 
	<element ref='Object' minOccurs='0' maxOccurs='*'/> 
	<attribute name='Id' type='ID' /> 
      </archetype> 
    </element> 

New definition:

    <element name='Signature'> 
      <type content='elementOnly'>
        <group order='seq' minOccurs='1' maxOccurs='1'> 
	  <element ref='SignedInfo' minOccurs='1' maxOccurs='1'/> 
	  <element ref='SignatureValue' minOccurs='1' maxOccurs='1'/> 
	  <element ref='KeyInfo' minOccurs='0' maxOccurs='1'/> 
	  <element ref='Object' minOccurs='0' maxOccurs='*'/> 
	</group>  
	<attribute name='Id' type='ID' minOccurs='0' maxOccurs='1'/> 
      </type> 
    </element> 


----------------------------------------------------------------------------------------
Section "3.2 The SignatureValue Element":
----------------------------------------------------------------------------------------

No changes.

----------------------------------------------------------------------------------------
Section "3.3 The SignedInfo Element":
----------------------------------------------------------------------------------------

Old definition:

    <element name='SignedInfo'> 
      <archetype order='seq' content='elemOnly'> 
	<element ref='CanonicalizationMethod' minOccurs='0' maxOccurs='1'/> 
	<element ref='SignatureMethod'/> 
	<element ref='Reference' minOccurs='1' maxOccurs='*'/> 
	<attribute name='Id' type='ID' /> 
      </archtype> 
    </element> 

New definition:

    <element name='SignedInfo'> 
      <type content='elementOnly'>
        <group order='seq' minOccurs='1' maxOccurs='1'> 
	  <element ref='CanonicalizationMethod' minOccurs='0' maxOccurs='1'/> 
	  <element ref='SignatureMethod' minOccurs='1' maxOccurs='1'/> 
	  <element ref='Reference' minOccurs='1' maxOccurs='*'/> 
	</group>  
	<attribute name='Id' type='ID' minOccurs='0' maxOccurs='1'/> 
      </type> 
    </element> 

----------------------------------------------------------------------------------------
Section "3.3.1 The CanonicalizationMethod Element":
----------------------------------------------------------------------------------------

Old definition:

    <element name='CanonicalizationMethod'> 
      <archetype content='elemOnly' > 
	<element ref='Parameter' > 
	<attribute name='Algorithm' type='uri' /> 
      </archetype> 
    </element> 

New definition:

    <element name='CanonicalizationMethod'> 
      <type content='elementOnly'>
        <element ref='Parameter' minOccurs='1' maxOccurs='1'/> 
        <attribute name='Algorithm' type='uri' minOccurs='1' maxOccurs='1'/> 
      </type> 
    </element> 

----------------------------------------------------------------------------------------
Section "3.3.2 The SignatureMethod Element":
----------------------------------------------------------------------------------------

Old definition:

    <element name='SignatureMethod'> 
      <archetype content='elemOnly'> 
	<element ref='Parameter' > 
	<attribute name='Algorithm' type='uri' /> 
      </archetype> 
    </element> 

New definition:

    <element name='SignatureMethod'> 
      <type content='elementOnly'> 
        <element ref='Parameter' minOccurs='0' maxOccurs='*'/> 
        <attribute name='Algorithm' type='uri' minOccurs='1' maxOccurs='1'/> 
      </type> 
    </element> 

----------------------------------------------------------------------------------------
Section "3.3.3 The Reference Element":
----------------------------------------------------------------------------------------

Old definition:

    <element name='Reference' > 
      <archetype order='seq'> 
	<element ref='Transforms' minOccurs='0' maxOccurs='1'/> 
	<element ref='DigestMethod'/> 
	<element ref='DigestValue'/> 
	<attribute name='Id' type='ID' /> 
	<attribute name='URI' type='uri' /> 
	<attribute name='IDREF' type='IDREF' /> 
	<attribute name='Type' type='uri' /> 
      </archetype> 
    </element> 

New definition:

    <element name='Reference'> 
      <type content='elementOnly'>
        <group order='seq' minOccurs='1' maxOccurs='1'> 
	  <element ref='Transforms' minOccurs='0' maxOccurs='1'/> 
	  <element ref='DigestMethod' minOccurs='1' maxOccurs='1'/> 
	  <element ref='DigestValue' minOccurs='1' maxOccurs='1'/> 
        </group>
	<attribute name='Id' type='ID' minOccurs='0' maxOccurs='1'/> 
	<attribute name='URI' type='uri' minOccurs='0' maxOccurs='1'/> 
	<attribute name='IDREF' type='IDREF' minOccurs='0' maxOccurs='1'/> 
	<attribute name='Type' type='uri' minOccurs='0' maxOccurs='1'/> 
      </type> 
    </element> 

----------------------------------------------------------------------------------------
Section "3.3.3.1 The Transforms Element":
----------------------------------------------------------------------------------------

Old definition:

    <element name='Transforms' > 
      <archetype> 
	<element ref='Transform' minOccurs='1' maxOccurs='*' /> 
      </archetype> 
    </element> 

    <element name='Transform' > 
      <archetype> 
	<element ref='Parameter' minOccurs='0' maxOccurs='*'/> 
	<attribute name='Algorithm' type='string' /> 
	<attribute name='Type' type='uri' /> 
	<attribute name='Charset' type='string' /> 
      </archetype> 
    </element> 

New definition:

    <element name='Transforms' > 
      <type content='elementOnly'> 
	<element ref='Transform' minOccurs='1' maxOccurs='*'/> 
      </type> 
    </element> 

    <element name='Transform'> 
      <type content='elementOnly'>
	<element ref='Parameter' minOccurs='0' maxOccurs='*'/> 
	<attribute name='Algorithm' type='string' minOccurs='1' maxOccurs='1'/> 
	<attribute name='Type' type='uri' minOccurs='0' maxOccurs='1'/> 
	<attribute name='Charset' type='string' minOccurs='0' maxOccurs='1'/> 
      </type> 
    </element> 

Maybe consider changing the type of attribute 'Charset' to 'uri'.

----------------------------------------------------------------------------------------
Section "3.3.3.2 The DigestMethod Element":
----------------------------------------------------------------------------------------

Old definition:

    <element name='DigestMethod'> 
      <archetype content='elemOnly'> 
	<element ref='Parameter' minOccurs='0' maxOccurs='*'/> 
	<attribute name='Algorithm' type='uri' /> 
      </archetype> 
    </element> 

New definition:

    <element name='DigestMethod'> 
      <type content='elementOnly'> 
        <element ref='Parameter' minOccurs='0' maxOccurs='*'/> 
        <attribute name='Algorithm' type='uri' minOccurs='1' maxOccurs='1'/> 
      </type> 
    </element> 

----------------------------------------------------------------------------------------
Section "3.3.3.3 The DigestValue Element":
----------------------------------------------------------------------------------------

Old definition:

    <element name='DigestValue' type='string'> 
      <archetype> 
	<attribute name='Encoding' type='uri' default="&dsig;/Base64"/ /> 
      </archetype> 
    </element> 

New definition:

    <element name='DigestValue'> 
      <type source='string'> 
	<attribute name='Encoding' type='uri' default='&dsig;/Base64' 
	           minOccurs='0' maxOccurs='1'/> 
      </type> 
    </element> 

*************************************************************************************
This is the first part of schema definitions, including chapter 3.3.3.3.
I will have a look at the remaining parts of the draft tomorrow.
*************************************************************************************

Regards, Gregor


-- 
---------------------------------------------------------------
Gregor Karlinger
mailto://gregor.karlinger@iaik.at
Institute for Applied Information Processing and Communications
Austria
---------------------------------------------------------------



Received on Monday, 20 December 1999 08:44:15 GMT
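
The occurrence constraints from the "New definition" blocks above, expressed as a structural check over a parsed document. This is an added example, not part of the original message or of the XML-Signature draft; it covers only the seq content models and the Algorithm attributes declared with minOccurs='1', and the sample document and its urn:example: values are constructed.

```python
import xml.etree.ElementTree as ET

NS = "http://www.w3.org/1999/12/xmldsig-core"   # targetNS proposed in the message
MANY = None                                      # stands for maxOccurs='*'

# element -> ordered (child, minOccurs, maxOccurs), from the "New definition" blocks
MODELS = {
    "Signature":  [("SignedInfo", 1, 1), ("SignatureValue", 1, 1),
                   ("KeyInfo", 0, 1), ("Object", 0, MANY)],
    "SignedInfo": [("CanonicalizationMethod", 0, 1), ("SignatureMethod", 1, 1),
                   ("Reference", 1, MANY)],
    "Reference":  [("Transforms", 0, 1), ("DigestMethod", 1, 1), ("DigestValue", 1, 1)],
    "Transforms": [("Transform", 1, MANY)],
}
# elements whose 'Algorithm' attribute is declared with minOccurs='1'
NEEDS_ALGORITHM = {"CanonicalizationMethod", "SignatureMethod", "DigestMethod", "Transform"}

def local(tag):
    """Local name if the tag is in the signature namespace, else a marked raw tag."""
    prefix = "{" + NS + "}"
    return tag[len(prefix):] if tag.startswith(prefix) else "?" + tag

def check(elem, path=""):
    """Return a list of violations of the sequence models at and below elem."""
    name = local(elem.tag)
    path = path + "/" + name
    errors = []
    if name in NEEDS_ALGORITHM and "Algorithm" not in elem.attrib:
        errors.append(path + ": missing attribute Algorithm")
    if name in MODELS:
        kids = [local(c.tag) for c in elem]
        pos = 0
        for child, lo, hi in MODELS[name]:
            count = 0
            while pos < len(kids) and kids[pos] == child and (hi is MANY or count < hi):
                pos, count = pos + 1, count + 1
            if count < lo:
                errors.append(path + ": expected " + child)
        if pos < len(kids):   # leftover child: duplicate, out of order, or undeclared
            errors.append(path + ": unexpected " + kids[pos])
    for c in elem:
        errors.extend(check(c, path))
    return errors

# Constructed sample: duplicate SignedInfo, Reference without DigestValue.
BAD = ET.fromstring(
    '<Signature xmlns="' + NS + '"><SignedInfo>'
    '<SignatureMethod Algorithm="urn:example:sig"/>'
    '<Reference URI="#a"><DigestMethod/></Reference></SignedInfo>'
    '<SignatureValue>AAAA</SignatureValue><SignedInfo/></Signature>')

if __name__ == "__main__":
    print("\n".join(check(BAD)))
```

A second SignedInfo after SignatureValue is reported as unexpected, which is the kind of duplicate a verifier should reject before deciding which element was actually signed.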
