W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > July to September 2000

Re: Valid XML and Schema Normative?

From: Joseph M. Reagle Jr. <reagle@w3.org>
Date: Fri, 07 Jul 2000 23:13:59 -0400
Message-Id: <>
To: "IETF/W3C XML-DSig WG" <w3c-ietf-xmldsig@w3.org>
Cc: <duerst@w3.org>, <ht@cogsci.ed.ac.uk>, <dbeech@us.oracle.com>, <murray@muzmo.com>, <Noah_Mendelsohn@lotus.com>

Given we expect numerous XML 1.0 valdidity constraints [1] to be enforced
for Signatures to even be processed properly, I think we should call a spade
a spade and say a validating parser is required. What that means is up the
implementator depending on the Signature applications, toolkits, etc., that
they use: they could use a well-formed processor and build the relevant
constraints relevant to Signature the DTD themselves, or use a generic
validating parser; that's an implementation issue. I don't think it makes
sense for us to say in the spec "well-formed" and profile XML 1.0 validity

My question is how many schema validity constraints [2] are there in
addition to [1] if you don't actually use many feature beyond [1]. (We are
using basic content models and ANY, and a single user defined type, that's
about it ...) Is our use of Schema truly "normative"?

[1] Extensible Markup Language (XML) 1.0 

[2] http://www.w3.org/TR/xmlschema-1/#conformance-details

Forwarded Text ----
 Date: Thu, 06 Jul 2000 13:09:20 -0400
 To: Ken Goldman <kgold@watson.ibm.com>
 From: "Joseph M. Reagle Jr." <reagle@w3.org>
 Cc: "IETF/W3C XML-DSig WG" <w3c-ietf-xmldsig@w3.org>
 In-Reply-To: <200007061652.MAA34032@alpha.watson.ibm.com>
 Subject: Re: Valid XML and Schema Normative?
 At 12:52 2000-07-06 -0400, Ken Goldman wrote:
  >Could you give an XML snippet of this, showing the issue?
 Assuming that the following well formed XML instance reference 
 and signature validates, is the following example a valid 
 Signature? (It violates the specified content model).
 I'm slightly confusing the syntactical violation with a clear violation
 of semantics ("disclaimer") just to show why this might be important, 
 but [x01-03] could be any name space qualified and wellformed XML.
    [s01] <Signature Id="MyFirstSignature"
    [s02]   <SignedInfo> 
    [x01]     <disclaimer xmlns="http://badactor.com/2000/v3">
    [x02]     <declaration>this signature is invalid on
    [x03]     </disclaimer>
    [s03]   <CanonicalizationMethod
    [s04]   <SignatureMethod
    [s05]   <Reference URI="http://www.w3.org/TR/2000/REC-xhtml1-20000126/"> 
    [s06]     <Transforms> 
    [s07]       <Transform
    [s08]     </Transforms> 
    [s09]     <DigestMethod
    [s10]     <DigestValue>j6lwx3rvEPO0vKtMup4NbeVu8nk=</DigestValue> 
    [s11]   </Reference> 
    [s12] </SignedInfo> 
    [s13]   <SignatureValue>MC0CFFrVLtRlk=...</SignatureValue> 
    [s14]   <KeyInfo> 
    [s15a]    <KeyValue>
    [s15b]      <DSAKeyValue> 
    [s15c]        <P>...</P><Q>...</Q><G>...</G><Y>...</Y> 
    [s15d]      </DSAKeyValue> 
    [s15e]    </KeyValue> 
    [s16]   </KeyInfo> 
    [s17] </Signature>
 Joseph Reagle Jr.   
 W3C Policy Analyst                mailto:reagle@w3.org
 IETF/W3C XML-Signature Co-Chair   http://www.w3.org/People/Reagle/
End Forwarded Text ----

Joseph Reagle Jr.   
W3C Policy Analyst                mailto:reagle@w3.org
IETF/W3C XML-Signature Co-Chair   http://www.w3.org/People/Reagle/
Received on Friday, 7 July 2000 23:16:11 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:21:34 UTC