Re: Valid XML and Schema Normative?

At 01:45 PM 7/14/2000 -0400, Ken Goldman wrote:
 >In FSML, we have something similar to the <disclaimer> called
 >signature restrictions.  For example, a signing token, possibly
 >qualified by a signer login and password, might be constrained to sign
 >purchase orders but not checks.
 >
 >What FSML does (in DSIG terms) is add a <Restrictions> tag to
 ><SignedInfo>.  When the token receives the <SignedInfo> element for
 >hashing and signing, it will reject the element if the <Restrictions>
 >value does not match its internal rules.

Hi Ken. I would argue that your stated use is syntactily invalid with
respect to the content model as given by the DTD/schema (and I'm pushing
that we be cognizant of this fact) and also semantically. (This is one
reason why thinking in terms of a Data Model (via RDF) can be a good thing.
[1]) 

SignedInfo is merely a collection of References with two properties:
SignatureMethod and C14NMethod. Placing other semantics in there can be
dangerous. The purposes that you speak of seem much more appropriate to
SignatureProperties. (Have you considered this?) 

Syntax and semantics are not the same thing, but they obviously are closely
related and in this instance we can use constraints on the syntax to also
constrain the ability to make semantic assertions within our specified
structures. Of course, one could place a similar corresponding statement in
a Signature Property (invalid on Tuesdays) but that CLEARLY represents that
this is a TRUST decision and has nothing to do with the signature structure
nor its Signature Validity.

[1] http://www.w3.org/Signature/Drafts/xmldsig-datamodel-19991029.gif
    (Somewhat incomplete, but the last/best capture as a di-graph).


_________________________________________________________
Joseph Reagle Jr.   
W3C Policy Analyst                mailto:reagle@w3.org
IETF/W3C XML-Signature Co-Chair   http://www.w3.org/People/Reagle/

Received on Friday, 14 July 2000 15:03:13 UTC