
Re: XML Signature schema implementation

From: Peter Tornberg <tberg@x-obi.com>
Date: Fri, 21 Sep 2001 10:13:56 +0200
Message-ID: <00e401c14275$5c4afe30$0b00a8c0@hydra>
To: "xmldsig" <w3c-ietf-xmldsig@w3.org>

Thanks for your response Joseph,

Here is what I think would be nice.

E.g. X509IssuerSerial is not global from the XML Dsig schema. This means
that if I ever want to use an X509IssuerSerial in any cryptographic schema I
will have to define my own instead of reusing an already existing one. If my own
schema is almost entirely cryptographic it would feel like reinventing the

The schema could be rewritten for e.g. X509IssuerSerial:
<element name="X509IssuerSerial" type="ds:X509IssuerSerialType"/> <!-- Global -->

<complexType name="X509DataType">
   <sequence maxOccurs="unbounded">
      <choice>
         <element ref="ds:X509IssuerSerial"/>
         <element name="X509SKI" type="base64Binary"/>
         <element name="X509SubjectName" type="string"/>
         <element name="X509Certificate" type="base64Binary"/>
         <element name="X509CRL" type="base64Binary"/>
         <any namespace="##other" processContents="lax"/>
      </choice>
   </sequence>
</complexType>

<complexType name="X509IssuerSerialType">
   <sequence>
      <element name="X509IssuerName" type="string"/>
      <element name="X509SerialNumber" type="integer"/>
   </sequence>
</complexType>

I suppose writing it like this may introduce a performance penalty for the
parser? Or is there any other reason for keeping these things from being



----- Original Message -----
From: "Joseph Reagle" <reagle@w3.org>
To: "Peter Tornberg" <tberg@x-obi.com>; "xmldsig" <w3c-ietf-xmldsig@w3.org>
Sent: Thursday, September 20, 2001 5:50 PM
Subject: Re: XML Signature schema implementation

> On Thursday 20 September 2001 03:21, Peter Tornberg wrote:
> > namespace. I.e. while creating new schemas I'm unable to do a
> > ref="ds:..." to a number of elements in the xmldsig schema. Instead I
> > have to create and name my own elements using name="..." type="ds:...".
> Could you be more specific? We did rewrite our schema to make both the
> major element and their types named and global items. [1] includes all of
> the global elements. A few of the key structures' children (like those of
> PGP or X509) are not provided globally because (1) we didn't have demand
> make *everything* global (it'd be ugly) and those children typically share
> a contextual semantic (they are properties of the same thing).
> Consequently, it wouldn't make sense or mean the same thing, if somehow
> someone used them piece-meal or in a different context: they should use a
> different namespace. Of course, they could build that on top of our own by
> deriving it from our type.
> [1]
> Global elements and types in XMLDSIG
> <element name="Signature" type="ds:SignatureType"/>
> <element name="SignatureValue" type="ds:SignatureValueType"/>
> <element name="SignedInfo" type="ds:SignedInfoType"/>
> <element name="CanonicalizationMethod" type="ds:CanonicalizationMethodType"/>
> <element name="SignatureMethod" type="ds:SignatureMethodType"/>
> <element name="Reference" type="ds:ReferenceType"/>
> <element name="Transforms" type="ds:TransformsType"/>
> <element name="Transform" type="ds:TransformType"/>
> <element name="DigestMethod" type="ds:DigestMethodType"/>
> <element name="DigestValue" type="ds:DigestValueType"/>
> <element name="KeyInfo" type="ds:KeyInfoType"/>
> <element name="KeyName" type="string"/>
> <element name="MgmtData" type="string"/>
> <element name="KeyValue" type="ds:KeyValueType"/>
> <element name="RetrievalMethod" type="ds:RetrievalMethodType"/>
> <element name="X509Data" type="ds:X509DataType"/>
> <element name="PGPData" type="ds:PGPDataType"/>
> <element name="SPKIData" type="ds:SPKIDataType"/>
> <element name="Object" type="ds:ObjectType"/>
> <element name="Manifest" type="ds:ManifestType"/>
> <element name="SignatureProperties" type="ds:SignaturePropertiesType"/>
> <element name="SignatureProperty" type="ds:SignaturePropertyType"/>
> <element name="DSAKeyValue" type="ds:DSAKeyValueType"/>
> <element name="RSAKeyValue" type="ds:RSAKeyValueType"/>
Received on Friday, 21 September 2001 04:18:09 UTC
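
The workaround discussed in this thread, written out as an added example (not code from either poster or from the XMLDSIG schema itself): a hypothetical importing schema that reuses the global type ds:X509IssuerSerialType under its own element. The urn:example:crypto namespace and the IssuerRef and CertificateLocator names are assumptions made up for illustration.

```xml
<?xml version="1.0" encoding="UTF-8"?>
<!-- Hypothetical importing schema; the namespace urn:example:crypto and the
     names IssuerRef / CertificateLocator are invented for this example. -->
<schema xmlns="http://www.w3.org/2001/XMLSchema"
        xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
        xmlns:ex="urn:example:crypto"
        targetNamespace="urn:example:crypto"
        elementFormDefault="qualified">

  <!-- No schemaLocation hint: locating the xmldsig schema is left to the
       processor. -->
  <import namespace="http://www.w3.org/2000/09/xmldsig#"/>

  <!-- The type is global, so it can be reused under a locally named
       element. That element belongs to urn:example:crypto, not to ds. -->
  <element name="IssuerRef" type="ds:X509IssuerSerialType"/>

  <complexType name="CertificateLocatorType">
    <sequence>
      <element ref="ex:IssuerRef"/>
      <!-- ds:KeyName is in the list of global elements [1], so ref= works. -->
      <element ref="ds:KeyName" minOccurs="0"/>
      <!-- <element ref="ds:X509IssuerSerial"/> cannot be resolved here,
           because that element is only declared locally in X509DataType. -->
    </sequence>
  </complexType>

  <element name="CertificateLocator" type="ex:CertificateLocatorType"/>
</schema>

<!-- Matching instance (constructed sample values). The wrapper element is in
     the ex namespace, while its children stay in the ds namespace because
     the xmldsig schema uses elementFormDefault="qualified":

  <ex:CertificateLocator xmlns:ex="urn:example:crypto"
                         xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
    <ex:IssuerRef>
      <ds:X509IssuerName>CN=Example CA</ds:X509IssuerName>
      <ds:X509SerialNumber>12345</ds:X509SerialNumber>
    </ex:IssuerRef>
  </ex:CertificateLocator>
-->
```

A consumer that matches on the qualified name ds:X509IssuerSerial will not recognise ex:IssuerRef, which is the contextual separation the reply argues for.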
