Re: [widgets] dig sig RelaxNG schema from Frederick Hirsch on 2009-06-25 (public-webapps@w3.org from April to June 2009)

From: Frederick Hirsch <frederick.hirsch@nokia.com>
Date: Thu, 25 Jun 2009 15:39:43 -0400
To: ext Kai Hendry <hendry@aplix.co.jp>
Cc: Frederick Hirsch <frederick.hirsch@nokia.com>, public-webapps WG <public-webapps@w3.org>, XMLSec WG Public List <public-xmlsec@w3.org>
Message-Id: <C2F7B99E-92E5-466D-B0AF-BE43869AF20D@nokia.com>

Kai

XML Signature 1.1 is specified using XML Schema [1].  XML Signature  
1.1 has a draft RNG schema [2].  We did not develop an rnc grammar for  
widget signature.

The XML Security WG started to work on an XML Signature 1.1 RNG schema  
[2] but since we do not have deep expertise in the group we have not  
progressed this yet. However the tests from XML Signature Second  
Edition validated against it. We received some feedback about using  
different styles of RNG schema authoring which we do not have much  
expertise in the group to process -  If you are able to help get the  
schema correct that would be helpful. It is on our list of things to  
do to attempt to improve it, if we can get help.

Is having RNG/RNC schema important? Can you or someone in the WebApps  
working group please help, perhaps by reviewing our RNG schema  
document and suggesting improvements?

I'm copying this message with the XML Security WG.

Thanks

regards, Frederick

Frederick Hirsch, Nokia
Chair XML Security WG

[1] http://www.w3.org/2008/xmlsec/Drafts/xmldsig-core-11/Overview.htm#sec-Schema

[2] http://www.w3.org/2007/xmlsec/Drafts/xmldsig-rngschema/

On Jun 25, 2009, at 7:13 AM, ext Kai Hendry wrote:

> Using http://bondi.omtp.org/1.0/security/xmldsig-core-schema.rnc and
> rnv [1] I've been trying to validate the example:
> http://www.w3.org/TR/widgets-digsig/#example
>
> Firstly does widgets-digsig have it's own grammar.rnc? I have not been
> able to find one.
>
>
> Using xmldsig-core-schema.rnc I ran into a couple of problems. Firstly
> I had to alter:
>
> Object.ANY = (element * {Object.ANY}|attribute * {text}|text)*
>
> To accept the new elements introduced by
> http://www.w3.org/TR/xmldsig-properties/
>
> Also the xmldsig-core-schema.rnc seems sensitive to element order. So
> I made a change to the rnc to get the example signature1.xml to
> validate:
>
> -    Signature.attlist, SignedInfo, SignatureValue, KeyInfo?, Object*
> +    Signature.attlist, SignedInfo, Object*, SignatureValue, KeyInfo?
>
> Or perhaps the order of the example is incorrect?
>
>
>
> Be great to see more fully worked examples. An author-signature.xml
> example would be good.
>
>
> Kind regards,
>
>
> [1] http://www.davidashen.net/rnv.html
>

Received on Thursday, 25 June 2009 19:41:37 UTC