W3C home > Mailing lists > Public > xml-encryption@w3.org > March 2002

Re: Typos in schema definition

From: Joseph Reagle <reagle@w3.org>
Date: Wed, 27 Mar 2002 18:11:05 -0500
Message-Id: <200203272311.SAA04511@tux.w3.org>
To: "Takeshi Imamura" <IMAMU@jp.ibm.com>
Cc: xml-encryption@w3.org
On Friday 22 March 2002 13:06, Takeshi Imamura wrote:
> >> 1. With the following, the OAEPParams element cannot be a child of the
> >> EncryptionMethod element because of namespace="##other" of <any>.
> >>
> >>   <complexType name='EncryptionMethodType' mixed='true'>
> >>     <sequence>
> >>       <element name='KeySize' minOccurs='0'
> >>                type='xenc:KeySizeType'/>
> >>       <any namespace='##other' minOccurs='0'
> >>                                maxOccurs='unbounded'/>
> >>     </sequence>
> >>     <attribute name='Algorithm' type='anyURI' use='required'/>
> >>   </complexType>
> >
> >Ok, changed to ##any.
>
> If "##other" is changed to "##any", the schema becomes ambiguous because
> the KeySize element matches both <element> and <any>.  It should be
> changed in another way.

Ah, drats, you are of course correct. (I find the deterministic content 
model of XML Schema to be more of a hinderance than a feature; that's one 
of the nice things about RelaxNG [1].)

[1] http://lists.oasis-open.org/archives/relax-ng/200106/msg00220.html

We have a couple of options:
1. (Make content ##any and rely upon comments or the text in the spec to 
state that KeySize is always permitted.)
2. Better specify this element... is this what you want in principle?
  xenc:KeySize? ( (ds:DigestMethod xenc:OAEPparams) | ##other))

I haven't tested this or included it in the spec yet.

  <complexType name='EncryptionMethodType' mixed='true'>
    <sequence>
      <element name='KeySize' minOccurs='0' type='xenc:KeySizeType'/>
      <choice>
         <sequence>
           <element ref='ds:DigestMethod' minOccurs='0'/> -->
           <element name='OAEPparams' minOccurs='0' type='base64Binary'/>
         </sequence>
         <any namespace='##other' minOccurs='0' maxOccurs='unbounded'/>
      </choice>
    </sequence>
    <attribute name='Algorithm' type='anyURI' use='required'/>
  </complexType>


> >> 2. With the following, either the DataReference or KeyReference
> >> element can be a child of the ReferenceList element.  minOccurs="0"
> >> and maxOccurs
> >> ="unbounded" would be attributes of <choice>.
> >>
> >>   <element name='ReferenceList'>
> >>     <complexType>
> >>       <choice>
> >>         <element name='DataReference' type='xenc:ReferenceType'
> >>          minOccurs='0' maxOccurs='unbounded'/>
> >>         <element name='KeyReference' type='xenc:ReferenceType'
> >>          minOccurs='0' maxOccurs='unbounded'/>
> >>       </choice>
> >>     </complexType>
> >>   </element>
> >
> >So you wish to preclude a key found in an  EncryptedKey from being used
> > to encrypt data *and* other keys? I presume so, and I've adopted your
> > structure below [1], but I guess we should make the minOccurs='1'? (No
> > sense having an empty ReferenceList?)
>
> Sorry for confusing you.  I don't wish to preclude such a key use and
> don't see any problem if a key is used to encrypt both data and other
> keys.

I'm not sure if I'm still confused. I've just changed the spec to the 
following: let me know the specific change you'd like to see if it is not 
appropriate:

  <element name='ReferenceList'>
    <complexType>
      <choice minOccurs='1' maxOccurs='unbounded'>
        <element name='DataReference' type='xenc:ReferenceType'/>
        <element name='KeyReference' type='xenc:ReferenceType'/>
      </choice>
    </complexType>
  </element>


-- 

Joseph Reagle Jr.                 http://www.w3.org/People/Reagle/
W3C Policy Analyst                mailto:reagle@w3.org
IETF/W3C XML-Signature Co-Chair   http://www.w3.org/Signature/
W3C XML Encryption Chair          http://www.w3.org/Encryption/2001/
Received on Wednesday, 27 March 2002 18:11:08 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 27 October 2009 08:42:20 GMT